RT#7092: Apache on godard adds an additional X-Xss-Protection

author Martin Zobel-Helas <zobel@debian.org>

Fri, 9 Feb 2018 17:18:36 +0000 (18:18 +0100)

committer Bastian Blank <waldi@debian.org>

Tue, 13 Feb 2018 21:33:46 +0000 (22:33 +0100)
author Martin Zobel-Helas <zobel@debian.org>
Fri, 9 Feb 2018 17:18:36 +0000 (18:18 +0100)
committer Bastian Blank <waldi@debian.org>
Tue, 13 Feb 2018 21:33:46 +0000 (22:33 +0100)
diff --git a/modules/apache2/files/headers b/modules/apache2/files/headers

index 3e7167a..15d3b08 100644 (file)
--- a/modules/apache2/files/headers
+++ b/modules/apache2/files/headers
@@ -1,9 +1,9 @@
  <IfModule mod_headers.c>
    Header set X-Clacks-Overhead "GNU Terry Pratchett"
  
-  Header always set X-Content-Type-Options "nosniff"
-  Header always set X-Frame-Options "sameorigin"
-  Header always set Referrer-Policy "no-referrer"
-  # Header always set X-Xss-Protection "1; mode=block"
-  Header always set X-Xss-Protection "1"
+  Header always setifempty X-Content-Type-Options "nosniff"
+  Header always setifempty X-Frame-Options "sameorigin"
+  Header always setifempty Referrer-Policy "no-referrer"
+  # Header always setifempty X-Xss-Protection "1; mode=block"
+  Header always setifempty X-Xss-Protection "1"
  </IfModule>
author	Martin Zobel-Helas <zobel@debian.org>
	Fri, 9 Feb 2018 17:18:36 +0000 (18:18 +0100)
committer	Bastian Blank <waldi@debian.org>
	Tue, 13 Feb 2018 21:33:46 +0000 (22:33 +0100)