ainur/pi-hole
1
0
Fork 0
Code Issues Pull Requests Actions 90 Packages Projects Releases Wiki Activity

Set X-XSS-Protection headers to 0 in lighttpd.conf (#5069)

Browse Source
This commit is contained in:
Dan Schaper
2022-12-17 11:34:02 -08:00
committed by GitHub
parent a5d10a6256 d245226053
commit 6a2200a8e6
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
advanced/lighttpd.conf.debian
View File

@@ -90,7 +90,7 @@ $HTTP["url"] =~ "^/admin/" {
setenv.add-response-header = (
"X-Pi-hole" => "The Pi-hole Web interface is working!",
"X-Frame-Options" => "DENY",
"X-XSS-Protection" => "1; mode=block",
"X-XSS-Protection" => "0",
"X-Content-Type-Options" => "nosniff",
"Content-Security-Policy" => "default-src 'self' 'unsafe-inline';",
"X-Permitted-Cross-Domain-Policies" => "none",

2
advanced/lighttpd.conf.fedora
View File

@@ -98,7 +98,7 @@ $HTTP["url"] =~ "^/admin/" {
setenv.add-response-header = (
"X-Pi-hole" => "The Pi-hole Web interface is working!",
"X-Frame-Options" => "DENY",
"X-XSS-Protection" => "1; mode=block",
"X-XSS-Protection" => "0",
"X-Content-Type-Options" => "nosniff",
"Content-Security-Policy" => "default-src 'self' 'unsafe-inline';",
"X-Permitted-Cross-Domain-Policies" => "none",