
How to add X-XSS-Protection: 1; mode=block HTML


I don't know how to add this part of code into my code. Should it be in the header part?

<head>
<meta content="text/html; charset=UTF-8; X-Content-Type-Options=nosniff" http-equiv="Content-Type" />
<title>TestWebsite</title>
</head>

The problem is I have to add it into my code, because I did a security scan and I got that the X-XSS Protection is missing.


Solution

    1. This cannot be added on an HTML page.
    2. It has to be added to your server page as a response.

    E.g. You can add any of the following options, according to your needs.

    PHP

    header("X-XSS-Protection: 0");
    

    .htaccess

    Header set x-xss-protection "1; mode=block"
    

    Apache configuration files:

    <IfModule mod_headers.c>
        Header set X-XSS-Protection: "1; mode=block"
    </IfModule>
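
One way to confirm the header is really being sent, as an added example that is not part of the original answer: this Python function parses a raw HTTP response and reports whether `X-XSS-Protection` is in the response headers, where the answer says it has to go, or appears only inside a `<meta>` tag. The function name `audit_response` and both sample responses are constructed for illustration.

```python
from html.parser import HTMLParser

TARGET = "x-xss-protection"


class MetaCollector(HTMLParser):
    """Collects (http-equiv, content) pairs from <meta http-equiv=...> tags."""

    def __init__(self):
        super().__init__()
        self.metas = []

    def handle_starttag(self, tag, attrs):
        if tag != "meta":
            return
        a = {k: (v or "") for k, v in attrs}  # attribute names arrive lowercased
        if "http-equiv" in a:
            self.metas.append((a["http-equiv"].lower(), a.get("content", "").lower()))


def audit_response(raw: bytes) -> dict:
    """Report where X-XSS-Protection appears in one raw HTTP response."""
    head, _, body = raw.partition(b"\r\n\r\n")
    headers = {}
    for line in head.decode("iso-8859-1").split("\r\n")[1:]:  # skip the status line
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    collector = MetaCollector()
    collector.feed(body.decode("utf-8", errors="replace"))
    in_meta = any(TARGET in equiv or TARGET in content
                  for equiv, content in collector.metas)
    return {"header": headers.get(TARGET),
            "only_in_meta": in_meta and TARGET not in headers}


# Constructed sample: the value was placed in a <meta> tag, no real header is sent.
MISSING = (b"HTTP/1.1 200 OK\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n"
           b'<head><meta content="text/html; charset=UTF-8; X-XSS-Protection=1" '
           b'http-equiv="Content-Type" /><title>TestWebsite</title></head>')

# Constructed sample: the server sends the header with the response.
FIXED = (b"HTTP/1.1 200 OK\r\nContent-Type: text/html; charset=UTF-8\r\n"
         b"X-XSS-Protection: 1; mode=block\r\n\r\n"
         b"<head><title>TestWebsite</title></head>")

if __name__ == "__main__":
    for label, raw in (("meta only", MISSING), ("server header", FIXED)):
        print(label, audit_response(raw))
```
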