According to my understanding I should add the nosniff
header on each download dialog: X-Content-Type-Options: nosniff
How should I protect an upload dialogs?
Will the header X-Content-Type-Options: nosniff
be enough?
Should I do something in addition? Ensure extension type?