action_dispatch-disable_x_xss_protection
Advanced tools
Disables the X-XSS-Protection header which Action Dispatch sets by default
This gem disables the X-XSS-Protection header which Action Dispatch sets as 1; mode=block by default. Applications always return X-XSS-Protection: 0 after installing this gem.
All you need is to add this gem to your application's Gemfile:
gem 'action_dispatch-disable_x_xss_protection'
And then execute:
$ bundle
Assumed that a server has started by bin/rails s:
# before installing this gem
$ curl -sI http://localhost:3000 | grep X-XSS-Protection
X-XSS-Protection: 1; mode=block
# after installing this gem
$ curl -sI http://localhost:3000 | grep X-XSS-Protection
X-XSS-Protection: 0
Bug reports and pull requests are welcome on GitHub at https://github.com/pepabo/action_dispatch-disable_x_xss_protection.
The gem is available as open source under the terms of the MIT License.
FAQs
Unknown package
We found that action_dispatch-disable_x_xss_protection demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Bybit's $1.46B hack by North Korea's Lazarus Group pushes 2025 crypto losses to $1.6B in just two months, already surpassing all of 2024's $1.49B total.
Security News
OpenSSF has published OSPS Baseline, an initiative designed to establish a minimum set of security-related best practices for open source software projects.
Security News
Michigan TypeScript founder Dimitri Mitropoulos implements WebAssembly runtime in TypeScript types, enabling Doom to run after processing 177 terabytes of type definitions.