Phil Zampino created KNOX-1310:
----------------------------------
Summary: The X-Content-Type-Options header should be set as
'nosniff'
Key: KNOX-1310
URL: https://issues.apache.org/jira/browse/KNOX-1310
Project: Apache Knox
Issue Type: Bug
Components: AdminUI
Affects Versions: 1.0.0
Reporter: Phil Zampino
Assignee: Phil Zampino
Fix For: 1.1.0
|For every response containing a message body, the Admin UI should include a
single Content-type header that correctly and unambiguously states the MIME
type of the content in the response body.
Additionally, the response header "X-Content-Type-Options: nosniff" should be
returned in all responses to reduce the likelihood that browsers will interpret
content in a way that disregards the explicit Content-type header.|
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
