class Kemal::Shield::XXSSProtection
- Kemal::Shield::XXSSProtection
- Kemal::Shield::Handler
- Kemal::Handler
- Reference
- Object
Overview
Kemal::Shield::XXSSProtection
disables the X-XSS-Protection HTTP header
by setting it to "0".
The X-XSS-Protection HTTP header caused some unintended security issues and many browsers has therefore chosen to remove it. (see this for more information)
This handler can be turned off by setting
Kemal::Shield.config.x_xss_protection = true