Chapter 12. Removed features

Because OpenShift v3 reached end-of-life, support for identity brokering with OpenShift v3 has been removed from Red Hat build of Keycloak.

The robots.txt file, previously included by default, is now removed. The default robots.txt file blocked all crawling, which prevented the noindex/nofollow directives from being followed. The desired default behavior is for Red Hat build of Keycloak pages to not show up in search engine results and this is accomplished by the existing X-Robots-Tag header, which is set to none by default. The value of this header can be overridden per-realm if a different behavior is needed.

If you previously added a rule in your reverse proxy configuration for this situation, you can now remove it.

Because the X-XSS-Protection header is no longer supported by any user agents that are supported by Red Hat build of Keycloak, it has been removed. This header was a feature of Internet Explorer, Chrome, and Safari that stopped pages from loading when they detected reflected cross-site scripting (XSS) attacks.

We don’t expect that this will impact any deployments due to the lack of support in user agents, as well as this feature being supplanted by Content Security Policy (CSP).