Drop X-XSS-Protection header usage as per its deprecation

Ref h5bp/server-configs-apache#253
Ref h5bp/server-configs-apache#198

Closes #260

h5bp/basic.conf

@@ -4,6 +4,5 @@
 include h5bp/security/referrer-policy.conf;
 include h5bp/security/x-content-type-options.conf;
 include h5bp/security/x-frame-options.conf;
-include h5bp/security/x-xss-protection.conf;
 include h5bp/location/security_file_access.conf;
 include h5bp/cross-origin/requests.conf;

nginx.conf

@@ -96,13 +96,6 @@ http {
   # Specify file cache expiration.
   include h5bp/web_performance/cache_expiration.conf;
 
-  # Add X-XSS-Protection for HTML documents.
-  # h5bp/security/x-xss-protection.conf
-  map $sent_http_content_type $x_xss_protection {
-    #           (1)    (2)
-    ~*text/html "1; mode=block";
-  }
-
   # Add X-Frame-Options for HTML documents.
   # h5bp/security/x-frame-options.conf
   map $sent_http_content_type $x_frame_options {