X-XSS-Protection depreciation

XMLWordPrintable

    • Type: Suggestion
    • Resolution: Unresolved
    • None
    • Component/s: Security - Other
    • None
    • 1
    • 3

      As per X-XSS-Protection:

      These protections are largely unnecessary in modern browsers when sites implement a strong Content-Security-Policy that disables the use of inline JavaScript ('unsafe-inline').

      This header should be removed as part of the implementation of BSERV-14533.

            Assignee:
            Unassigned
            Reporter:
            Moga
            Votes:
            3 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated: