[jira] [Resolved] (KNOX-1310) The X-Content-Type-Options header should be set as 'nosniff'

Phil Zampino (JIRA) Tue, 15 May 2018 19:23:09 -0700

     [ 
https://issues.apache.org/jira/browse/KNOX-1310?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Phil Zampino resolved KNOX-1310.
--------------------------------
    Resolution: Fixed

> The X-Content-Type-Options header should be set as 'nosniff'
> ------------------------------------------------------------
>
>                 Key: KNOX-1310
>                 URL: https://issues.apache.org/jira/browse/KNOX-1310
>             Project: Apache Knox
>          Issue Type: Bug
>          Components: AdminUI
>    Affects Versions: 1.0.0
>            Reporter: Phil Zampino
>            Assignee: Phil Zampino
>            Priority: Major
>             Fix For: 1.1.0
>
>
> |For every response containing a message body, the Admin UI should include a 
> single Content-type header that correctly and unambiguously states the MIME 
> type of the content in the response body.
>  
> Additionally, the response header "X-Content-Type-Options: nosniff" should be 
> returned in all responses to reduce the likelihood that browsers will 
> interpret content in a way that disregards the explicit Content-type header.|



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Resolved] (KNOX-1310) The X-Content-Type-Options header should be set as 'nosniff'

Reply via email to