searxng

mirror of https://github.com/searxng/searxng synced 2024-01-01 19:24:07 +01:00

History

Markus Heiser ab8e5383fb [mod] remove X-XSS-Protection headers Deprecated header not used by browsers nowadays[1]: """In modern browsers, X-XSS-Protection has been deprecated in favor of the Content-Security-Policy to disable the use of inline JavaScript. Its use can introduce XSS vulnerabilities in otherwise safe websites. This should not be used unless you need to support older web browsers that don’t yet support CSP. It is thus recommended to set the header as X-XSS-Protection: 0."""[2] [1] https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection [2] https://infosec.mozilla.org/guidelines/web_security#x-xss-protection Closes: https://github.com/searxng/searxng/issues/3171 Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>		2024-01-31 17:23:41 +01:00
..
engines
network
settings	[mod] remove X-XSS-Protection headers	2024-01-31 17:23:41 +01:00
__init__.py
test_answerers.py
test_engines_init.py	Fix: don't crash when engine or name is missing in settings.yml	2022-12-04 23:43:59 +01:00
test_exceptions.py	Add search.suspended_times settings	2023-01-15 09:00:32 +00:00
test_external_bangs.py
test_locales.py	[fix] spelling	2023-09-18 16:20:27 +02:00
test_plugins.py	[mod] isolation of botdetection from the limiter	2023-11-01 06:44:56 +01:00
test_preferences.py
test_query.py	[feat] implement feeling lucky feature	2023-09-19 09:40:57 +02:00
test_results.py
test_search.py	[feat] implement feeling lucky feature	2023-09-19 09:40:57 +02:00
test_settings_loader.py	[fix] typos / reported by @kianmeng in searx PR-3366	2022-09-27 18:32:14 +02:00
test_utils.py	[fix] HTMLParser: undocumented not implemented method	2023-10-22 10:35:02 +02:00
test_webadapter.py
test_webapp.py	[fix] spelling	2023-09-18 16:20:27 +02:00
test_webutils.py	[fix] do highlight replacement at once	2024-01-29 13:15:37 +01:00