From 7cc5328ede3bfeb892afba49c5ba0dc1990b1e6a Mon Sep 17 00:00:00 2001
From: sakkiii
Date: Mon, 24 May 2021 17:20:54 +0530
Subject: [PATCH] Comments & Ref
---
 roles/matrix-nginx-proxy/defaults/main.yml | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/roles/matrix-nginx-proxy/defaults/main.yml b/roles/matrix-nginx-proxy/defaults/main.yml
index dd0fc21e..0adf9c5f 100644
--- a/roles/matrix-nginx-proxy/defaults/main.yml
+++ b/roles/matrix-nginx-proxy/defaults/main.yml
@@ -290,8 +290,13 @@ matrix_nginx_proxy_floc_optout_enabled: true
 # - https://hstspreload.org/#opt-in
 matrix_nginx_proxy_hsts_preload_enable: false
+# X-XSS-Protection Enable
+# Stops pages from loading when they detect reflected cross-site scripting (XSS) attacks.
+# Note: Not applicable for grafana
 #
-#
+# Learn more about it is here:
+# - https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection
+# - https://portswigger.net/web-security/cross-site-scripting/reflected
 matrix_nginx_proxy_xss_protection: "1; mode=block"
 # Specifies the SSL configuration that should be used for the SSL protocols and ciphers
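Review bot: The comment added above `matrix_nginx_proxy_xss_protection` presents X-XSS-Protection as an active defence, but the header is deprecated: current Chrome and Edge have removed the XSS auditor it controls, Firefox never implemented it, and the MDN page linked in this same comment recommends a Content-Security-Policy instead. I would state that in the comment, for example `# Legacy header: only honoured by older browsers; not a substitute for a Content-Security-Policy.`, so operators do not count this default as their XSS mitigation. The line `# Note: Not applicable for grafana` gives no reason; the cause is not visible in this hunk, so a short explanation of why the Grafana vhost is exempt would help whoever audits headers later. `# Learn more about it is here:` should read `# Learn more about it here:`.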