Remove the X-XSS-Protection rule

mozilla / http-observatory

Mozilla HTTP Observatory

https://observatory.mozilla.org/

Mozilla Public License 2.0

1.84k stars 168 forks source link

Remove the X-XSS-Protection rule #488

Closed francoisfreitag closed 7 months ago

francoisfreitag commented 1 year ago

From https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection:

Non-standard: This feature is non-standard and is not on a standards track. Do not use it on production sites facing the Web: it will not work for every user. There may also be large incompatibilities between implementations and the behavior may change in the future.

Solves https://github.com/mozilla/http-observatory/issues/432

haleybe commented 1 year ago

Still waiting on this?

LeoMcA commented 7 months ago

This is being handled with https://github.com/mozilla/http-observatory/pull/520, thank you!