luckyframework / authentic

An authentication library for Lucky projects
MIT License

Anti-MIME-Sniffing header X-Content-Type-Options is not set to 'nosniff' #13

Closed snadon closed 6 years ago

snadon commented 6 years ago

The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.
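An added example, not part of the issue thread or the project's code: a Python check of the kind that raises this finding, run over constructed raw HTTP responses. The function names and the sample responses are assumptions made for illustration.

```python
# Added example (not from the issue thread): audit raw HTTP responses for the
# X-Content-Type-Options header. All sample responses below are constructed.

def parse_headers(raw):
    """Return (lowercased-name, value) pairs from a raw HTTP response head."""
    head = raw.replace("\r\n", "\n").split("\n\n", 1)[0]
    pairs = []
    for line in head.split("\n")[1:]:          # skip the status line
        name, sep, value = line.partition(":")
        if sep:
            pairs.append((name.strip().lower(), value.strip()))
    return pairs

def audit_nosniff(raw):
    """List the findings for one response; an empty list means it passes."""
    headers = parse_headers(raw)
    xcto = [v for n, v in headers if n == "x-content-type-options"]
    findings = []
    if not xcto:
        findings.append("X-Content-Type-Options missing")
    elif any(v.lower() != "nosniff" for v in xcto):
        # Strict on purpose: every occurrence must be exactly 'nosniff'.
        findings.append("X-Content-Type-Options is not 'nosniff'")
    if not any(n == "content-type" for n, _ in headers):
        # nosniff tells the browser to trust the declared type, so declare one.
        findings.append("Content-Type missing")
    return findings

# Constructed samples: header names and values are matched case-insensitively,
# and a header-like line inside the body must not count as a header.
SAMPLES = {
    "ok": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n"
          "x-content-type-options: NoSniff\r\n\r\n<p>hi</p>",
    "missing": "HTTP/1.1 200 OK\r\nContent-Type: text/plain\r\n\r\nhello",
    "typo": "HTTP/1.1 200 OK\r\nContent-Type: text/plain\r\n"
            "X-Content-Type-Options: no-sniff\r\n\r\nhello",
    "body_only": "HTTP/1.1 200 OK\r\nContent-Length: 33\r\n\r\n"
                 "X-Content-Type-Options: nosniff\r\n",
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(name, audit_nosniff(raw) or "pass")
```
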

paulcsmith commented 6 years ago

@joeldrapper 🎉

paulcsmith commented 6 years ago

Closing in favor of https://github.com/luckyframework/lucky/issues/565