Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

remove X-XSS-Protection header #5330

Merged
merged 3 commits into from
Oct 25, 2021
Merged

remove X-XSS-Protection header #5330

merged 3 commits into from
Oct 25, 2021

Conversation

manuel-sommer
Copy link
Contributor

@manuel-sommer manuel-sommer commented Oct 23, 2021

I recently also searched regarding the usage of X-XSS header and found this:
OWASP/CheatSheetSeries#376

fixes #5328

@github-actions github-actions bot added the settings_changes Needs changes to settings.py based on changes in settings.dist.py included in this PR label Oct 23, 2021
@valentijnscholten valentijnscholten changed the title remove X-XSS header, resolves #5328 remove X-XSS-Protection header, resolves #5328 Oct 24, 2021
@valentijnscholten valentijnscholten changed the title remove X-XSS-Protection header, resolves #5328 remove X-XSS-Protection header Oct 24, 2021
@damiencarol damiencarol merged commit 58ee3f3 into DefectDojo:dev Oct 25, 2021
@damiencarol damiencarol linked an issue Oct 25, 2021 that may be closed by this pull request
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
settings_changes Needs changes to settings.py based on changes in settings.dist.py included in this PR
Projects
None yet
Development

Successfully merging this pull request may close these issues.

X-XSS-Protection header should be absent or set to 0
3 participants