Closed oxtoacart closed 2 weeks ago
It turns out that a lot of content types could result in content being parsed in such a way that JavaScript execution becomes possible. Since we ultimately can't control user-agents, this may not be something we can do anything about.
This prevents Taildrive from being able to serve HTML content, thereby preventing it from being used to distribute malicious JavaScript.
Updates tailscale/corp#19592