X-XSS-Protection header is deprecated
The nginx example advise to set a X-XSS-Protection header, but this is deprecated in favor of CSP protection.
The nginx example advise to set a X-XSS-Protection header, but this is deprecated in favor of CSP protection.