tyler.durden
/
pi-hole
mirror of https://github.com/pi-hole/pi-hole.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

set X-XSS-Protection headers to 0 in lighttpd.conf 

Signed-off-by: Neill Wolf <neillawolf@gmail.com>
This commit is contained in:
Neill Wolf 2022-12-16 15:37:19 -06:00
parent a5d10a6256
commit d245226053
No known key found for this signature in database
GPG Key ID: B59575BB2EE2340A
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
advanced/lighttpd.conf.debian
View File

@ -90,7 +90,7 @@ $HTTP["url"] =~ "^/admin/" {
setenv.add-response-header = (
"X-Pi-hole" => "The Pi-hole Web interface is working!",
"X-Frame-Options" => "DENY",
"X-XSS-Protection" => "1; mode=block",
"X-XSS-Protection" => "0",
"X-Content-Type-Options" => "nosniff",
"Content-Security-Policy" => "default-src 'self' 'unsafe-inline';",
"X-Permitted-Cross-Domain-Policies" => "none",

2
advanced/lighttpd.conf.fedora
View File

@ -98,7 +98,7 @@ $HTTP["url"] =~ "^/admin/" {
setenv.add-response-header = (
"X-Pi-hole" => "The Pi-hole Web interface is working!",
"X-Frame-Options" => "DENY",
"X-XSS-Protection" => "1; mode=block",
"X-XSS-Protection" => "0",
"X-Content-Type-Options" => "nosniff",
"Content-Security-Policy" => "default-src 'self' 'unsafe-inline';",
"X-Permitted-Cross-Domain-Policies" => "none",