From 6e0afd4e9c290cdc8bfde5cc8c375d86daf6f499 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Tim=20D=C3=BCsterhus?= <duesterhus@woltlab.com>
Date: Fri, 28 May 2021 12:51:24 +0200
Subject: [PATCH] Remove X-XSS-Protection response header

The XSS auditor has been removed in all web browsers by now, making this header
useless.
---
 .../install/files/lib/acp/form/AdAddForm.class.php   | 12 ------------
 .../files/lib/acp/form/TemplateAddForm.class.php     | 12 ------------
 .../files/lib/acp/form/UserMailForm.class.php        | 12 ------------
 3 files changed, 36 deletions(-)

diff --git a/wcfsetup/install/files/lib/acp/form/AdAddForm.class.php b/wcfsetup/install/files/lib/acp/form/AdAddForm.class.php
index 7bc89ba7e4..48eb901b82 100644
--- a/wcfsetup/install/files/lib/acp/form/AdAddForm.class.php
+++ b/wcfsetup/install/files/lib/acp/form/AdAddForm.class.php
@@ -275,16 +275,4 @@ class AdAddForm extends AbstractForm
             }
         }
     }
-
-    /**
-     * @inheritDoc
-     */
-    public function show()
-    {
-        // work-around for a known Chrome bug that causes the XSS auditor
-        // to incorrectly detect JavaScript inside a textarea
-        @\header('X-XSS-Protection: 0');
-
-        parent::show();
-    }
 }
diff --git a/wcfsetup/install/files/lib/acp/form/TemplateAddForm.class.php b/wcfsetup/install/files/lib/acp/form/TemplateAddForm.class.php
index 6970c28634..e388e19636 100644
--- a/wcfsetup/install/files/lib/acp/form/TemplateAddForm.class.php
+++ b/wcfsetup/install/files/lib/acp/form/TemplateAddForm.class.php
@@ -265,16 +265,4 @@ class TemplateAddForm extends AbstractForm
             'copy' => $this->copy,
         ]);
     }
-
-    /**
-     * @inheritDoc
-     */
-    public function show()
-    {
-        // work-around for a known Chrome bug that causes the XSS auditor
-        // to incorrectly detect JavaScript inside a textarea
-        @\header('X-XSS-Protection: 0');
-
-        parent::show();
-    }
 }
diff --git a/wcfsetup/install/files/lib/acp/form/UserMailForm.class.php b/wcfsetup/install/files/lib/acp/form/UserMailForm.class.php
index e1a3654232..ade3052a6c 100755
--- a/wcfsetup/install/files/lib/acp/form/UserMailForm.class.php
+++ b/wcfsetup/install/files/lib/acp/form/UserMailForm.class.php
@@ -255,16 +255,4 @@ class UserMailForm extends AbstractForm
             'userList' => $this->userList,
         ]);
     }
-
-    /**
-     * @inheritDoc
-     */
-    public function show()
-    {
-        // work-around for a known Chrome bug that causes the XSS auditor
-        // to incorrectly detect JavaScript inside a textarea
-        @\header('X-XSS-Protection: 0');
-
-        parent::show();
-    }
 }
-- 
2.20.1