X-XSS-Protection depreciation

XMLWordPrintable

    • Type: Suggestion
    • Resolution: Unresolved
    • None
    • Component/s: Security - Other
    • None
    • 1
    • 3

      As per X-XSS-Protection:

      These protections are largely unnecessary in modern browsers when sites implement a strong Content-Security-Policy that disables the use of inline JavaScript ('unsafe-inline').

      This header should be removed as part of the implementation of BSERV-14533.

              Assignee:
              Unassigned
              Reporter:
              Moga
              Votes:
              3 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated: