X-XSS-Protection Header is Missing
X-XSS-Protection response header is a feature of Internet Explorer, Chrome and Safari that stops pages from loading when they detect reflected cross-site scripting (XSS) attacks. Mozilla
Configure your server to send this header for all pages. You can see references for possible values.