Skip to content

Add security headers to vercel.json#46

Open
markjkaem wants to merge 2 commits intoT3-Content:mainfrom
markjkaem:main
Open

Add security headers to vercel.json#46
markjkaem wants to merge 2 commits intoT3-Content:mainfrom
markjkaem:main

Conversation

@markjkaem
Copy link

@markjkaem markjkaem commented Jan 14, 2026

My first opensource commit lol

google-labs-jules bot and others added 2 commits January 14, 2026 15:50
@google-labs-jules
🛡️ Sentinel: Add security headers to vercel.json
ac5b33d
@markjkaem
Merge pull request #1 from markjkaem/sentinel/add-security-headers-10…
e94b30f 
…256304493699653633

🛡️ Sentinel: [security improvement] Add security headers
@vercel
Copy link

vercel bot commented Jan 14, 2026

@markjkaem is attempting to deploy a commit to the Theo's projects Team on Vercel.

A member of the Team first needs to authorize it.

graphite-app[bot]
graphite-app bot reviewed Jan 14, 2026
View reviewed changes
vercel.json
Comment on lines +24 to +27
{
"key": "X-XSS-Protection",
"value": "1; mode=block"
},
Copy link

@graphite-app graphite-app bot Jan 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The X-XSS-Protection header is deprecated and should be removed. Modern browsers no longer support this header, and it can introduce security vulnerabilities in older browsers. The header has been superseded by Content Security Policy (CSP). Remove this header entirely:

// Remove these lines:
{
  "key": "X-XSS-Protection",
  "value": "1; mode=block"
}

Spotted by Graphite Agent

Fix in Graphite

Is this helpful? React 👍 or 👎 to let us know.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@graphite-app graphite-app[bot] graphite-app[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@markjkaem