settings: Remove SECURE_BROWSER_XSS_FILTER

jelly · jelly · commit 6c4cdeabce08 · 2026-05-10T20:54:03.000+02:00
This option was removed in Django 4.0.
diff --git a/settings.py b/settings.py
@@ -94,9 +94,6 @@
 # X-Content-Type-Options, stops browsers from trying to MIME-sniff the content type
 SECURE_CONTENT_TYPE_NOSNIFF = True
 
-# X-XSS-Protection, enables cross-site scripting filter in most browsers
-SECURE_BROWSER_XSS_FILTER = True
-
 # CSP Settings
 CSP_DEFAULT_SRC = ("'self'",)
 CSP_SCRIPT_SRC = ("'self'",)
