Archives
/
searxng
mirror of https://github.com/searxng/searxng
2
0
Fork 1
Code Issues Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
gh-pages
master
translations
dependabot/pip/master/sphinx-autobuild-2024.9.3
dependabot/npm_and_yarn/searx/static/themes/simple/master/grunt-eslint-25.0.0
update_js_ariable_to_python
v1.0.0
v0.18.0
v0.17.0
v0.16.0
v0.15.0
v0.14.0
v0.13.1
v0.13.0
v0.12.0
v0.11.0
v0.10.0
v0.9.0
v0.8.1
v0.8.0
v0.7.0
v0.6.0
1.0.0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'e992e888a0'
${ noResults }
searxng/docs/admin/settings
History
Markus Heiser ab8e5383fb [mod] remove X-XSS-Protection headers 
Deprecated header not used by browsers nowadays[1]:

"""In modern browsers, X-XSS-Protection has been deprecated in favor of the
Content-Security-Policy to disable the use of inline JavaScript. Its use can
introduce XSS vulnerabilities in otherwise safe websites. This should not be
used unless you need to support older web browsers that don’t yet support CSP.
It is thus recommended to set the header as X-XSS-Protection: 0."""[2]

[1] https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection
[2] https://infosec.mozilla.org/guidelines/web_security#x-xss-protection

Closes: https://github.com/searxng/searxng/issues/3171
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
 		8 months ago
..
index.rst
settings.rst
settings_brand.rst
settings_categories_as_tabs.rst
settings_engine.rst
settings_general.rst [fix] typo in docs/admin/settings/settings_general.rst (doc) 1 year ago
settings_outgoing.rst
settings_redis.rst [fix] typos in documentation & messages 1 year ago
settings_search.rst [mod] autocomplete.py: add support for mwmbl completions 1 year ago
settings_server.rst [mod] remove X-XSS-Protection headers 8 months ago
settings_ui.rst [mod] add hotkeys option to settings.yml 12 months ago