class Kemal::Shield::XXSSProtection

Kemal::Shield::XXSSProtection
Kemal::Shield::Handler
Kemal::Handler
Reference
Object

Overview

Kemal::Shield::XXSSProtection disables the X-XSS-Protection HTTP header by setting it to "0".

The X-XSS-Protection HTTP header caused some unintended security issues and many browsers has therefore chosen to remove it. (see this for more information)

This handler can be turned off by setting

Kemal::Shield.config.x_xss_protection = true

Defined in:

kemal-shield/handlers/x_xss_protection.cr

Instance Method Summary

#call(context)

Instance Method Detail

def call(context) #

[View source]

CrystalDoc.info

kemal-shield

class Kemal::Shield::XXSSProtection

Overview

Defined in:

Instance Method Summary

Instance Method Detail