Stopping browsers from MIME sniffing, usually via the X-Content-Type-Options header.
Questions tagged [nosniff]
2 questions
0
votes
1 answer
Is mime-sniffing still something to protect against with modern browsers (with X-Content-Type-Options)?
I have read about X-Content-Type-Options and it says often that it protects against IE mime sniffing problems.
I am wondering if in 2021 it is still valid and a problem for modern browsers? In other words, will it be beneficial for my web server…
![](../../users/profiles/36623.webp)
Ilya Chernomordik
- 2,197
- 1
- 21
- 36
0
votes
0 answers
Clarification regarding the "nosniff" content type protection
According to my understanding I should add the nosniff header on each download dialog: X-Content-Type-Options: nosniff
How should I protect an upload dialogs?
Will the header X-Content-Type-Options: nosniff be enough?
Should I do something in…
![](../../users/profiles/24842.webp)
Michael
- 1,457
- 1
- 18
- 36