public_git
/
ansibleguy.infra_apache
mirror of https://github.com/ansibleguy/infra_apache.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

remove deprecated X-XSS-Protection header

This commit is contained in:
AnsibleGuy 2024-09-06 14:33:18 +02:00
parent 8d959f519b
commit 2dfe21245f
No known key found for this signature in database
GPG Key ID: 52984C069F5AD3CD
1 changed files with 0 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
defaults/main/1_main.yml
View File

@ -59,7 +59,6 @@ defaults_apache:
'X-Frame-Options': 'SAMEORIGIN' 'X-Frame-Options': 'SAMEORIGIN'
'X-Content-Type-Options': 'nosniff' 'X-Content-Type-Options': 'nosniff'
'X-Permitted-Cross-Domain-Policies': '"none"' 'X-Permitted-Cross-Domain-Policies': '"none"'
'X-XSS-Protection': '"1; mode=block"'
'Header always edit Set-Cookie ^(.*)$': '$1;HttpOnly;Secure;SameSite=None' 'Header always edit Set-Cookie ^(.*)$': '$1;HttpOnly;Secure;SameSite=None'
# 'Header set Permissions-Policy': '"none"' # 'Header set Permissions-Policy': '"none"'
# 'Header set Content-Security-Policy': '"default-src https:; font-src https:; img-src https:; script-src https:; style-src https:;"' # 'Header set Content-Security-Policy': '"default-src https:; font-src https:; img-src https:; script-src https:; style-src https:;"'