From 3779d3a52574152afabd30e3a258f53ae99a4156 Mon Sep 17 00:00:00 2001
From: Nicolas Grekas <nicolas.grekas@gmail.com>
Date: Tue, 8 Oct 2024 11:40:06 +0200
Subject: [PATCH] [nelmio/security-bundle] Remove xss_protection config

---
 .../2.4/config/packages/nelmio_security.yaml                | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/nelmio/security-bundle/2.4/config/packages/nelmio_security.yaml b/nelmio/security-bundle/2.4/config/packages/nelmio_security.yaml
index 292bbeb65..770f8e07b 100644
--- a/nelmio/security-bundle/2.4/config/packages/nelmio_security.yaml
+++ b/nelmio/security-bundle/2.4/config/packages/nelmio_security.yaml
@@ -8,12 +8,6 @@ nelmio_security:
     content_type:
         nosniff: true
 
-    # forces Microsoft's XSS-Protection with
-    # its block mode
-    xss_protection:
-        enabled: true
-        mode_block: true
-
     # Send a full URL in the `Referer` header when performing a same-origin request,
     # only send the origin of the document to secure destination (HTTPS->HTTPS),
     # and send no header to a less secure destination (HTTPS->HTTP).