MyFavMirrors
/
minio
mirror of https://github.com/minio/minio.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

remove x-frame-options HTTP header 

fixes #12817
This commit is contained in:
Harshavardhana 2021-07-28 08:57:17 -07:00
parent 20cacc3b04
commit 397637a042
1 changed files with 0 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
cmd/generic-handlers.go
View File

@ -560,7 +560,6 @@ func addSecurityHeaders(h http.Handler) http.Handler {
header := w.Header()
header.Set("X-XSS-Protection", "1; mode=block") // Prevents against XSS attacks
header.Set("Content-Security-Policy", "block-all-mixed-content") // prevent mixed (HTTP / HTTPS content)
header.Set("X-Frame-Options", "deny") // Prevent against Clickjack attack
header.Set("X-Content-Type-Options", "nosniff") // Prevent mime-sniff
header.Set("Strict-Transport-Security", "max-age=31536000; includeSubDomains") // HSTS mitigates variants of MITM attacks
h.ServeHTTP(w, r)