remove X-XSS-Protection header from nginx.conf

core/nginx/conf/nginx.conf

@@ -117,7 +117,6 @@ http {
       add_header X-Frame-Options 'SAMEORIGIN';
       add_header X-Content-Type-Options 'nosniff';
       add_header X-Permitted-Cross-Domain-Policies 'none';
-      add_header X-XSS-Protection '0';
       add_header Referrer-Policy 'same-origin';
 
       # mozilla autoconfiguration