[
https://issues.apache.org/jira/browse/KNOX-1310?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16476793#comment-16476793
]
ASF subversion and git services commented on KNOX-1310:
-------------------------------------------------------
Commit 8f47214ae6da788c67d3432cf3321e6de8dd76db in knox's branch
refs/heads/master from [~pzampino]
[ https://git-wip-us.apache.org/repos/asf?p=knox.git;h=8f47214 ]
KNOX-1310 - Handle custom param value for X-Content-Type-Options header
> The X-Content-Type-Options header should be set as 'nosniff'
> ------------------------------------------------------------
>
> Key: KNOX-1310
> URL: https://issues.apache.org/jira/browse/KNOX-1310
> Project: Apache Knox
> Issue Type: Bug
> Components: AdminUI
> Affects Versions: 1.0.0
> Reporter: Phil Zampino
> Assignee: Phil Zampino
> Priority: Major
> Fix For: 1.1.0
>
>
> |For every response containing a message body, the Admin UI should include a
> single Content-type header that correctly and unambiguously states the MIME
> type of the content in the response body.
>
> Additionally, the response header "X-Content-Type-Options: nosniff" should be
> returned in all responses to reduce the likelihood that browsers will
> interpret content in a way that disregards the explicit Content-type header.|
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
