X-Content-Type-Options header Error: nosniff

abhishek-ram / django-pyas2

AS2 file transfer Server built on Python and Django.

https://django-pyas2.readthedocs.io

GNU General Public License v3.0

83 stars 31 forks source link

X-Content-Type-Options header Error: nosniff #90

Closed AvatarBhola closed 1 year ago

AvatarBhola commented 1 year ago

Customer asked to stop sending the X-Content-Type-Options header or any other non-compliant headers in the AS2 MDN. See this link : https://www.ibm.com/support/pages/node/294385 Can we disable this param when sending the MDN reciept. Thanks,

chadgates commented 1 year ago

@AvatarBhola : this is a django setting. You should put in your settings.py following: SECURE_CONTENT_TYPE_NOSNIFF = False

Also see: https://docs.djangoproject.com/en/3.2/ref/settings/#secure-content-type-nosniff As of version 3 of django, the default changed to "True".

AvatarBhola commented 1 year ago

Thank you! this resolved this part of the issue.