summaryrefslogtreecommitdiff
path: root/doc/details
diff options
context:
space:
mode:
authorMicah Anderson <micah@riseup.net>2016-10-24 11:29:59 -0400
committerMicah Anderson <micah@riseup.net>2016-10-24 11:29:59 -0400
commit53ddc64b6aa98653b35b23c334df605ed26ea60b (patch)
tree721a8d822eebe03e7579d01440845ce34ab038ac /doc/details
parent15f8dd13c6d26fa1ad0d06d3ea03e8df260224db (diff)
Set X-Content-Type-Options nosniff.
Setting this header will prevent the browser from interpreting files as something else than declared by the content type in the HTTP headers. This will prevent the browser from MIME-sniffing a response away from the declared content-type. When this is not set, older versions of Internet Explorer and Chrome perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type.
Diffstat (limited to 'doc/details')
0 files changed, 0 insertions, 0 deletions