On 9/5/19 9:20 AM, Sebastian Streich wrote:
In Firefox 70 I intend to enable nosniff support for
page navigations by default.
We're still doing stream converters for navigations even if that header
is sent. Is that intended? I filed
https://bugzilla.mozilla.org/show_bug.cgi?id=1579176 to
On Thu, Sep 5, 2019 at 6:21 AM Sebastian Streich
wrote:
> Link to standard:
> https://fetch.spec.whatwg.org/#x-content-type-options-header
That bit of the standard doesn't describe this behavior--it still only
talks about scripts and style. Is there an issue or PR to update the spec
to
Currently the Support for “X-Content-Type-Options: nosniff“ is limited to
CSS and JS resources. In Firefox 70 I intend to enable nosniff support for
page navigations by default.
If a server's response does not include any mime-type but sets the response
header "XCTO: nosniff" then Firefox will
3 matches
Mail list logo
