Commented out security headers - might req apache module

2017-09-29 14:00:05 -07:00 · 2017-09-29 14:00:05 -07:00 · a0bd9bce39
commit a0bd9bce39
parent 5223ec1dbb
1 changed files with 4 additions and 4 deletions
--- a/public/.htaccess
+++ b/public/.htaccess
@ -25,9 +25,9 @@
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

    # Security Headers
-    Header set Strict-Transport-Security "max-age=2592000" env=HTTPS
-    Header set X-XSS-Protection "1; mode=block"
-    Header set X-Content-Type-Options nosniff
-    Header set X-Permitted-Cross-Domain-Policies "master-only"
+    # Header set Strict-Transport-Security "max-age=2592000" env=HTTPS
+    # Header set X-XSS-Protection "1; mode=block"
+    # Header set X-Content-Type-Options nosniff
+    # Header set X-Permitted-Cross-Domain-Policies "master-only"

 </IfModule>