diff --git a/config/src/main/resources/org/springframework/security/config/spring-security-6.0.rnc b/config/src/main/resources/org/springframework/security/config/spring-security-6.0.rnc
index 038971e556..047a52c3f8 100644
--- a/config/src/main/resources/org/springframework/security/config/spring-security-6.0.rnc
+++ b/config/src/main/resources/org/springframework/security/config/spring-security-6.0.rnc
@@ -1270,6 +1270,9 @@ xss-protection.attlist &=
xss-protection.attlist &=
## Add mode=block to the header or not, default is on.
attribute block {xsd:boolean}?
+xss-protection.attlist &=
+ ## Specify the value for the X-Xss-Protection header. When set, overrides both enabled and block attributes.
+ attribute header-value {"0"|"1"|"1; mode=block"}?
content-type-options =
## Add a X-Content-Type-Options header to the resopnse. Value is always 'nosniff'.
diff --git a/config/src/main/resources/org/springframework/security/config/spring-security-6.0.xsd b/config/src/main/resources/org/springframework/security/config/spring-security-6.0.xsd
index acccfe1410..6d26042745 100644
--- a/config/src/main/resources/org/springframework/security/config/spring-security-6.0.xsd
+++ b/config/src/main/resources/org/springframework/security/config/spring-security-6.0.xsd
@@ -3559,6 +3559,20 @@
+
+
+ Specify the value for the X-Xss-Protection header. When set, overrides both enabled and
+ block attributes.
+
+
+
+
+
+
+
+
+
+