diff --git a/HeadersAnalyzer.py b/HeadersAnalyzer.py
index 04a972b..4dd62ab 100755
--- a/HeadersAnalyzer.py
+++ b/HeadersAnalyzer.py
@@ -516,11 +516,11 @@ def findSecure(self, host, headers):
 if self.xXssProtectionCB.isSelected():
 # X-XSS-Protection
 try:
- m = re.search("0", headers["x-xss-protection"], re.IGNORECASE)
+ m = re.search("^1*", headers["x-xss-protection"], re.IGNORECASE)
 if not m:
 badheaders.append("x-xss-protection")
 except Exception as e:
- pass
+ missingsecurity.append("x-xss-protection")
 if self.HstsCB.isSelected():
 # Strict-Transport-Security (HSTS)
@@ -536,7 +536,7 @@ def findSecure(self, host, headers):
 try:
 m = re.search("\*", headers["access-control-allow-origin"], re.IGNORECASE)
 if not m:
- badheaders.append("x-xss-protection")
+ badheaders.append("access-control-allow-origin")
 except Exception as e:
 pass
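Review bot: The new pattern `^1*` in the X-XSS-Protection check matches every string, because `1*` accepts zero characters, so `if not m` is never true and a value such as `0` is no longer reported in `badheaders`. Requiring the digit restores the check, for example `m = re.match(r"\s*1", headers["x-xss-protection"])`. The handler that now records the header as missing still catches `Exception`, so an unrelated error in the try body would also be reported as a missing header. Assuming `headers` is a dict, `except KeyError:` keeps that finding tied to an absent key. The body of findSecure starts and ends outside the hunk.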
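Review bot: The condition around the corrected label looks inverted. `re.search("\*", ...)` finds the wildcard, yet `if not m:` adds `access-control-allow-origin` to `badheaders` only when the wildcard is absent, so a permissive `*` value passes and a restricted origin is flagged. If `badheaders` is meant to hold headers that are present but weak, as the X-XSS-Protection branch suggests, the test should be `if m:`. The pattern is also better written as a raw string, `r"\*"`, which avoids the invalid-escape warning on newer Python versions. The enclosing branch starts above the hunk.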