docs: remove X-Content-Security-Policy header in quick-start.md (#34307)

reference: Note: It is known that having both Content-Security-Policy
 and X-Content-Security-Policy or X-Webkit-CSP causes unexpected
 behaviours on certain versions of browsers. Please avoid using deprecated
 X-* headers. https://content-security-policy.com/
also:
1ad18486ed
This commit is contained in:
FantasqueX 2022-05-23 20:49:38 +08:00 committed by GitHub
parent 291eb60916
commit 89fab6a549
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -131,7 +131,6 @@ folder of your project:
<meta charset="UTF-8"> <meta charset="UTF-8">
<!-- https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP --> <!-- https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP -->
<meta http-equiv="Content-Security-Policy" content="default-src 'self'; script-src 'self'"> <meta http-equiv="Content-Security-Policy" content="default-src 'self'; script-src 'self'">
<meta http-equiv="X-Content-Security-Policy" content="default-src 'self'; script-src 'self'">
<title>Hello World!</title> <title>Hello World!</title>
</head> </head>
<body> <body>
@ -427,7 +426,6 @@ window.addEventListener('DOMContentLoaded', () => {
<meta charset="UTF-8"> <meta charset="UTF-8">
<!-- https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP --> <!-- https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP -->
<meta http-equiv="Content-Security-Policy" content="default-src 'self'; script-src 'self'"> <meta http-equiv="Content-Security-Policy" content="default-src 'self'; script-src 'self'">
<meta http-equiv="X-Content-Security-Policy" content="default-src 'self'; script-src 'self'">
<title>Hello World!</title> <title>Hello World!</title>
</head> </head>
<body> <body>