services.grafana.settings.security.x_xss_protection
Set to true to enable the X-XSS-Protection header,
which tells browsers to stop pages from loading when they detect reflected cross-site scripting (XSS) attacks.
Note: this is the default in Grafana, it's turned off here since it's recommended to not use this header anymore.
- Type
boolean- Default
false- Declared
- <nixpkgs/nixos/modules/services/monitoring/grafana.nix>