pyrox.dev / nixpkgs
lol
fork atom

nixos/canaille: remove HTTP header X-XSS-Protection

Addresses https://github.com/NixOS/nixpkgs/issues/438800

Kerstin Humm 301e5cca ed4ae67b

options
unified split
Changed files
-1
nixos
modules
services
security
canaille.nix
-1
nixos/modules/services/security/canaille.nix 
···

       
349

       
349

       
 

       



     

       
350

       
350

       
 

       
        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;


     

       
351

       
351

       
 

       
        add_header X-Frame-Options                      "SAMEORIGIN"    always;


     

       
352

       

       
-

       
        add_header X-XSS-Protection                     "1; mode=block" always;


     

       
353

       
352

       
 

       
        add_header X-Content-Type-Options               "nosniff"       always;


     

       
354

       
353

       
 

       
        add_header Referrer-Policy                      "same-origin"   always;


     

       
355

       
354

       
 

       
      '';