mirror of
https://github.com/pi-hole/pi-hole.git
synced 2024-12-24 13:50:17 +00:00
set X-XSS-Protection headers to 0 in lighttpd.conf
Signed-off-by: Neill Wolf <neillawolf@gmail.com>
This commit is contained in:
parent
a5d10a6256
commit
d245226053
2 changed files with 2 additions and 2 deletions
|
@ -90,7 +90,7 @@ $HTTP["url"] =~ "^/admin/" {
|
|||
setenv.add-response-header = (
|
||||
"X-Pi-hole" => "The Pi-hole Web interface is working!",
|
||||
"X-Frame-Options" => "DENY",
|
||||
"X-XSS-Protection" => "1; mode=block",
|
||||
"X-XSS-Protection" => "0",
|
||||
"X-Content-Type-Options" => "nosniff",
|
||||
"Content-Security-Policy" => "default-src 'self' 'unsafe-inline';",
|
||||
"X-Permitted-Cross-Domain-Policies" => "none",
|
||||
|
|
|
@ -98,7 +98,7 @@ $HTTP["url"] =~ "^/admin/" {
|
|||
setenv.add-response-header = (
|
||||
"X-Pi-hole" => "The Pi-hole Web interface is working!",
|
||||
"X-Frame-Options" => "DENY",
|
||||
"X-XSS-Protection" => "1; mode=block",
|
||||
"X-XSS-Protection" => "0",
|
||||
"X-Content-Type-Options" => "nosniff",
|
||||
"Content-Security-Policy" => "default-src 'self' 'unsafe-inline';",
|
||||
"X-Permitted-Cross-Domain-Policies" => "none",
|
||||
|
|
Loading…
Reference in a new issue