Don't set X-UA-Compatible header by default

We are setting this header to chrome=1 for Chrome Frame and this will be retired soon. Check http://blog.chromium.org/2013/06/retiring-chrome-frame.html for details
2022-11-09 12:12:34 -05:00 · 2013-06-13 14:56:02 -05:00 · 2013-06-13 14:56:02 -05:00 · 934369f529
commit 934369f529
parent 41a398f859
2 changed files with 2 additions and 5 deletions
--- a/actionpack/lib/action_dispatch/railtie.rb
+++ b/actionpack/lib/action_dispatch/railtie.rb
@ -20,8 +20,7 @@ module ActionDispatch
    config.action_dispatch.default_headers = {
      'X-Frame-Options' => 'SAMEORIGIN',
      'X-XSS-Protection' => '1; mode=block',
-      'X-Content-Type-Options' => 'nosniff',
-      'X-UA-Compatible' => 'chrome=1'
+      'X-Content-Type-Options' => 'nosniff'
    }

    config.eager_load_namespaces << ActionDispatch
--- a/actionpack/test/dispatch/response_test.rb
+++ b/actionpack/test/dispatch/response_test.rb
@ -182,8 +182,7 @@ class ResponseTest < ActiveSupport::TestCase
      ActionDispatch::Response.default_headers = {
        'X-Frame-Options' => 'DENY',
        'X-Content-Type-Options' => 'nosniff',
-        'X-XSS-Protection' => '1;',
-        'X-UA-Compatible' => 'chrome=1'
+        'X-XSS-Protection' => '1;'
      }
      resp = ActionDispatch::Response.new.tap { |response|
        response.body = 'Hello'
@ -193,7 +192,6 @@ class ResponseTest < ActiveSupport::TestCase
      assert_equal('DENY', resp.headers['X-Frame-Options'])
      assert_equal('nosniff', resp.headers['X-Content-Type-Options'])
      assert_equal('1;', resp.headers['X-XSS-Protection'])
-      assert_equal('chrome=1', resp.headers['X-UA-Compatible'])
    ensure
      ActionDispatch::Response.default_headers = nil
    end