From 5949a0465aad1de9c969fc9a4be5ba959c4a5c2a Mon Sep 17 00:00:00 2001
From: Klaus Eisentraut <2080545+keisentraut@users.noreply.github.com>
Date: Mon, 2 Nov 2020 19:58:49 +0100
Subject: [PATCH] fix #1762: X-XSS-Protection is rated as INFO, fixed bug
 introduced in last commit

---
 testssl.sh | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/testssl.sh b/testssl.sh
index b0387f2..9efafe5 100755
--- a/testssl.sh
+++ b/testssl.sh
@@ -3204,12 +3204,13 @@ run_security_headers() {
                              "Content-Security-Policy-Report-Only OK" \
                              "Expect-CT OK" \
                              "Permissions-Policy OK" \
-                             "X-XSS-Protection LOW" \
+                             "X-XSS-Protection INFO" \
                              "Access-Control-Allow-Origin INFO" \
                              "Upgrade INFO" \
                              "X-Served-By INFO" \
                              "Referrer-Policy INFO" \
-                             "X-UA-Compatible Cache-Control INFO" \
+                             "X-UA-Compatible INFO" \
+                             "Cache-Control INFO" \
                              "Pragma INFO"; do
           read header svrty <<< "${header_and_svrty}"
           [[ "$DEBUG" -ge 5 ]] &&  echo "testing \"$header\" (severity \"$svrty\")"