document change

Merge pull request #1825 from mirek-vl/master
Remove X-XSS-Protection from Controller.php
2026-04-11 20:36:59 -04:00 · 2026-04-11 19:46:58 +02:00 · 2026-04-11 19:43:31 +02:00 · 2026-04-11 12:57:54 +02:00 · 2026-04-03 19:41:59 +02:00 · 2026-04-03 11:52:33 +00:00
3 changed files with 2 additions and 2 deletions
--- a/.github/workflows/test-results.yml
+++ b/.github/workflows/test-results.yml
@@ -25,7 +25,7 @@ jobs:

    steps:
       - name: Download and Extract Artifacts
-         uses: dawidd6/action-download-artifact@8a338493df3d275e4a7a63bcff3b8fe97e51a927
+         uses: dawidd6/action-download-artifact@8305c0f1062bb0d184d09ef4493ecb9288447732
         with:
          run_id: ${{ github.event.workflow_run.id }}
          path: artifacts
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,6 +5,7 @@
 * CHANGED: Deduplicate JSON error message translations
 * CHANGED: Refactored translation of exception messages
 * CHANGED: Upgrading libraries to: DOMpurify 3.3.2, ip-lib 1.22.0 & polyfill-php80 1.33.0
+* CHANGED: Remove obsolete X-XSS-Protection header (#1825)
 * FIXED: Some exceptions not getting translated
 * FIXED: Attachment disappears after a "paste" in the message area (#1731)
 * FIXED: The content format is not reset when creating a new document (#1707)
--- a/lib/Controller.php
+++ b/lib/Controller.php
@@ -416,7 +416,6 @@ class Controller
        header('Referrer-Policy: no-referrer');
        header('X-Content-Type-Options: nosniff');
        header('X-Frame-Options: deny');
-        header('X-XSS-Protection: 1; mode=block');

        // label all the expiration options
        $expire = array();
Author	SHA1	Message	Date
El RIDO	1e8ea16920	document change	2026-04-11 19:46:58 +02:00
El RIDO	ebe6591864	Merge pull request #1825 from mirek-vl/master Remove X-XSS-Protection from Controller.php	2026-04-11 19:43:31 +02:00
mirek-vl	1a5fa93f2f	Remove X-XSS-Protection from Controller.php	2026-04-11 12:57:54 +02:00
El RIDO	0a8fcb585e	Merge pull request #1822 from PrivateBin/dependabot/github_actions/dawidd6/action-download-artifact-20 chore(deps): bump dawidd6/action-download-artifact from 19 to 20	2026-04-03 19:41:59 +02:00
dependabot[bot]	e00ae3fb44	chore(deps): bump dawidd6/action-download-artifact from 19 to 20 Bumps [dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact) from 19 to 20. - [Release notes](https://github.com/dawidd6/action-download-artifact/releases) - [Commits](`8a338493df...8305c0f106`) --- updated-dependencies: - dependency-name: dawidd6/action-download-artifact dependency-version: '20' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2026-04-03 11:52:33 +00:00