fatfree icon indicating copy to clipboard operation
fatfree copied to clipboard

Published 20 hours ago verified publisher icon bcosca

Default Headers

Open redmoon7777 opened this issue 7 years ago • 4 comments

I have a problem with the default headers (especially the 'X-XSS-Protection: 1; mode=block' one) since they are included in my server configuration which means the headers are duplicated (added once from nginx and once from app).

Is there a way to disable the default headers ?

redmoon7777 avatar Oct 05 '16 22:10 redmoon7777

There's no option to disable it. You have to remove it manually from the base.php

https://github.com/bcosca/fatfree/blob/master/lib/base.php#L1050

sn0opy avatar Oct 06 '16 08:10 sn0opy

Same here. Since i'm using fatfree via composer, modifying the core code is not ideal.

pixeline avatar Jan 28 '18 10:01 pixeline

Since the header function is called with $replace parameter set to TRUE, it shouldn't be a problem, should it?

xfra35 avatar Jan 28 '18 19:01 xfra35

well, maybe the header is not yet set when the code runs, but is added before flushing any output through the webserver. Is there is any option in nginx to check for existence of this header?

KOTRET avatar Jan 31 '18 07:01 KOTRET