#127 new
Dimitris Apostolou

Anti-MIME-Sniffing header X-Content-Type-Options for some pages is not set to 'nosniff'

Reported by Dimitris Apostolou | February 9th, 2014 @ 11:50 PM

Header missing on the following pages:
GET: http://gpgtools.org/piwik/piwik.php?idsite=1&rec=1
GET: https://gpgtools.org
GET: https://gpgtools.org/
GET: https://gpgtools.org/css/font.14.css
GET: https://gpgtools.org/css/main.1386177977.css
GET: https://gpgtools.org/css/normalize.css
GET: https://gpgtools.org/donate.html
GET: https://gpgtools.org/gpgsuite.html
GET: https://gpgtools.org/images/gpgmail-small.png
GET: https://gpgtools.org/images/release-notes-icon.png
GET: https://gpgtools.org/images/screenshots/gka-create-key.1375965203.png
GET: https://gpgtools.org/images/screenshots/gka-key-list.1375965203.png
GET: https://gpgtools.org/images/screenshots/gpgmail-error.1375965203.png
GET: https://gpgtools.org/images/screenshots/gpgmail-new-message.1375965...
GET: https://gpgtools.org/images/screenshots/gpgmail-received-message.13...
GET: https://gpgtools.org/js/jquery.scrollTo.min.js
GET: https://gpgtools.org/js/main.14.js
GET: https://gpgtools.org/js/plugins.js
GET: https://gpgtools.org/js/vendor/jquery-1.9.1.min.js
GET: https://gpgtools.org/js/vendor/modernizr-2.6.2.min.js
GET: https://gpgtools.org/news.html
GET: https://gpgtools.org/opensource.html
GET: https://gpgtools.org/piwik/piwik.php?idsite=1&rec=1

Solution:
This check is specific to Internet Explorer 8 and Google Chrome. Ensure each page sets a Content-Type header and the X-CONTENT-TYPE-OPTIONS if the Content-Type header is unknown.

Comments and changes to this ticket

  • Mariyappa

    Mariyappa April 25th, 2014 @ 06:30 AM

    Hello Mr.Dimitris Apostolou

    Please tell how to set X-CONTENT-TYPE-OPTIONS in css, js and html files. Please explain me asap.

    Thanks,
    Mariyappa. A

  • Thomas Loughlin

    Thomas Loughlin December 6th, 2016 @ 10:10 PM

    For apache - normally enable header mod - a2enmod headers, restart service and edit .htaccess to include

    <IfModule mod_headers.c>
  Header set X-Content-Type-Options nosniff
</IfModule>

Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.

New-ticket Create new ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป

Organize issues related to http://gpgtools.org

Shared Ticket Bins

People watching this ticket

Pages