class Kemal::Shield::XXSSProtection

Overview

Kemal::Shield::XXSSProtection disables the X-XSS-Protection HTTP header by setting it to "0".

The X-XSS-Protection HTTP header caused some unintended security issues and many browsers has therefore chosen to remove it. (see this for more information)

This handler can be turned off by setting

Kemal::Shield.config.x_xss_protection = true

Defined in:

kemal-shield/handlers/x_xss_protection.cr

Instance Method Summary

Instance Method Detail

def call(context) #

[View source]