Open dhiaayachi opened 1 month ago
Thanks for reporting this potential security issue!
The PR mentions updating unit tests to check for the content-type header. Could you please elaborate on how these unit tests can be used to reproduce the XSS vulnerability, even after applying this fix?
Providing more details on how the vulnerability was identified and the specific steps to reproduce it would be helpful for further investigation.
Description
Added middleware to ensure that the content-type header is always set, to mitigate an XSS vulnerability.
Testing & Reproduction steps
Links
PR Checklist
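An added example, not code from this PR or its project: a minimal Go `net/http` middleware of the kind the description names. When a handler sets no type, Go sniffs one from the body, so reflected markup is served as `text/html`. The `text/plain` fallback and the names `EnsureContentType`, `Echo` and `ServedType` are assumptions.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"net/url"
)

// Assumed fallback type; the PR text does not say which value it sets.
const fallbackType = "text/plain; charset=utf-8"

// typedWriter fills in Content-Type, if the handler left it unset, before
// the first WriteHeader or Write reaches the real writer and triggers sniffing.
type typedWriter struct{ http.ResponseWriter }

func (w typedWriter) typed() http.ResponseWriter {
	if w.Header().Get("Content-Type") == "" {
		w.Header().Set("Content-Type", fallbackType)
	}
	return w.ResponseWriter
}

func (w typedWriter) WriteHeader(code int)        { w.typed().WriteHeader(code) }
func (w typedWriter) Write(b []byte) (int, error) { return w.typed().Write(b) }

// EnsureContentType is a hypothetical name for the middleware.
func EnsureContentType(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		next.ServeHTTP(typedWriter{w}, r)
	})
}

// Echo is a constructed handler that reflects ?q= and never sets a type.
func Echo(w http.ResponseWriter, r *http.Request) {
	fmt.Fprint(w, r.URL.Query().Get("q"))
}

// ServedType returns the Content-Type a client would receive from h.
func ServedType(h http.Handler, q string) string {
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, httptest.NewRequest("GET", "/?q="+url.QueryEscape(q), nil))
	return rec.Result().Header.Get("Content-Type")
}

func main() {
	q := "<html><body>reflected</body></html>" // constructed input
	fmt.Println("bare:   ", ServedType(http.HandlerFunc(Echo), q))
	fmt.Println("wrapped:", ServedType(EnsureContentType(http.HandlerFunc(Echo)), q))
}
```

A unit test that checks the content-type header can assert on `ServedType` for both the bare and the wrapped handler, so a handler that loses the middleware fails the test.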