Skip to content

Commit 6d820f0

Browse files
committed
docs(admin): remove X-XSS-Protection header from Nginx assets
It was removed from the config in #9188, but forgotten for the static assets block. In addition, the date added with #12100 was is added to the subdir config as well, for consistency. Signed-off-by: MichaIng <[email protected]>
1 parent dbde0fd commit 6d820f0

File tree

2 files changed

+3
-3
lines changed

2 files changed

+3
-3
lines changed

admin_manual/installation/nginx-root.conf.sample

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
# Version 2024-07-17
1+
# Version 2025-07-23
22

33
upstream php-handler {
44
server 127.0.0.1:9000;
@@ -179,7 +179,6 @@ server {
179179
add_header X-Frame-Options "SAMEORIGIN" always;
180180
add_header X-Permitted-Cross-Domain-Policies "none" always;
181181
add_header X-Robots-Tag "noindex, nofollow" always;
182-
add_header X-XSS-Protection "1; mode=block" always;
183182
access_log off; # Optional: Don't log access to assets
184183
}
185184

admin_manual/installation/nginx-subdir.conf.sample

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,5 @@
1+
# Version 2025-07-23
2+
13
upstream php-handler {
24
server 127.0.0.1:9000;
35
#server unix:/run/php/php8.2-fpm.sock;
@@ -176,7 +178,6 @@ server {
176178
add_header X-Frame-Options "SAMEORIGIN" always;
177179
add_header X-Permitted-Cross-Domain-Policies "none" always;
178180
add_header X-Robots-Tag "noindex, nofollow" always;
179-
add_header X-XSS-Protection "1; mode=block" always;
180181
access_log off; # Optional: Don't log access to assets
181182
}
182183

0 commit comments

Comments
 (0)