Get Error parsing header in Chrome Console

Question

Get Error parsing header in Chrome Console

Kokil opened this issue 5 years ago · comments

Error parsing header X-XSS-Protection: 1; mode=block, 1; mode=block: expected semicolon at character position 13. The default protections will be applied.

bepsvpt · Answer 1 · Thu Jun 20 2019 21:51:32 GMT+0800 (China Standard Time)

Hi @Kokil,

What value did you set for X-XSS-Protection?

Kokil · Answer 2 · Thu Jun 20 2019 23:03:42 GMT+0800 (China Standard Time)

Hi @bepsvpt,
This is what i set
'x-xss-protection' => '1; mode=block',

bepsvpt · Answer 3 · Thu Jun 20 2019 23:10:50 GMT+0800 (China Standard Time)

symfony/symfony#30134

I found this issue is same error message as you provide. Did you send X-XSS-Protection header in other place? Like Nginx or Apache.

Kokil · Answer 4 · Thu Jun 20 2019 23:12:33 GMT+0800 (China Standard Time)

No, I haven't

bepsvpt · Answer 5 · Thu Jun 20 2019 23:17:22 GMT+0800 (China Standard Time)

Could you use browser developer tools to see the value of X-XSS-Protection?

Kokil · Answer 6 · Thu Jun 20 2019 23:25:37 GMT+0800 (China Standard Time)

Yes, you are right. I got double X-XSS-Protection.

bepsvpt · Answer 7 · Wed Sep 04 2019 22:15:54 GMT+0800 (China Standard Time)

If you have any further question, feel free to open a new issue.