From ad0d9b121577e22863dc3012ddd75d3adba0d34c Mon Sep 17 00:00:00 2001
From: Mystikfluu <Mystikfluu@gmail.com>
Date: Sun, 3 Jul 2022 11:16:55 +0200
Subject: [PATCH] add x-xss-protection header

---
 server.js | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/server.js b/server.js
index 2d67ff2..c0c986d 100644
--- a/server.js
+++ b/server.js
@@ -326,6 +326,11 @@ if(!config.disallow_proxies_by_headers) {
   blocked_headers = []
 }
 
+app.use(function(req,res,next) {
+  res.set("X-XSS-Protection","1; mode=block")
+  next()
+})
+
 if(DID_I_FINALLY_ADD_HTTPS) {
 
   //auto redirect to https