remove doubled X-XSS-Protection Header

since it gets already set by MISP itself
MISP · Jan 9, 2025 · 3a219de · 3a219de
1 parent 654ac74
commit 3a219de
Showing 1 changed file with 0 additions and 1 deletion.
diff --git a/core/files/etc/nginx/includes/misp b/core/files/etc/nginx/includes/misp
@@ -11,7 +11,6 @@ add_header X-Download-Options "noopen" always;
 add_header X-Frame-Options "SAMEORIGIN" always;
 add_header X-Permitted-Cross-Domain-Policies "none" always;
 add_header X-Robots-Tag "none" always;
-add_header X-XSS-Protection "1; mode=block" always;
 
 # remove X-Powered-By and nginx version, which is an information leak
 fastcgi_hide_header X-Powered-By;