Closed davidmz closed 3 years ago
Add explicit list of the attachments' MIME types that should be served with 'Content-Disposition: inline'. All other attachments should be served with 'Content-Disposition: attachment' to prevent in-browser execution of active content.
Add explicit list of the attachments' MIME types that should be served with 'Content-Disposition: inline'. All other attachments should be served with 'Content-Disposition: attachment' to prevent in-browser execution of active content.