sn0opy
commented
8 years ago There's no option to disable it. You have to remove it manually from the base.php
https://github.com/bcosca/fatfree/blob/master/lib/base.php#L1050
Open redmoon7777 opened 8 years ago
sn0opy
commented
8 years ago There's no option to disable it. You have to remove it manually from the base.php
https://github.com/bcosca/fatfree/blob/master/lib/base.php#L1050
pixeline
commented
6 years ago Same here. Since i'm using fatfree via composer, modifying the core code is not ideal.
xfra35
commented
6 years ago Since the header function is called with $replace parameter set to TRUE, it shouldn't be a problem, should it?
KOTRET
commented
6 years ago well, maybe the header is not yet set when the code runs, but is added before flushing any output through the webserver. Is there is any option in nginx to check for existence of this header?
I have a problem with the default headers (especially the 'X-XSS-Protection: 1; mode=block' one) since they are included in my server configuration which means the headers are duplicated (added once from nginx and once from app).
Is there a way to disable the default headers ?