jyt94
/
closedSocialMastodon
forked from closed-social/mastodon
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
Browse Source

disable legacy XSS filtering (#17289) 

Browsers are phasing out X-XSS-Protection, but Safari and IE still support it.
cs+3.4.6^2
Wonderfall 2 years ago
committed by Claire
parent
bf005edd30
commit
a06dda41d0
1 changed files with 1 additions and 1 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +1
    -1
      config/environments/production.rb

+ 1
- 1
config/environments/production.rb View File

@ -118,7 +118,7 @@ Rails.application.configure do
'Server' => 'Mastodon',
'X-Frame-Options' => 'DENY',
'X-Content-Type-Options' => 'nosniff',
'X-XSS-Protection' => '1; mode=block',
'X-XSS-Protection' => '0',
'Permissions-Policy' => 'interest-cohort=()',
}

Write Preview
Loading…
Cancel
Save