diff options
author | Reed Loden <reed@reedloden.com> | 2010-08-03 19:51:23 +0200 |
---|---|---|
committer | Reed Loden <reed@reedloden.com> | 2010-08-03 19:51:23 +0200 |
commit | 4b55507617d308ffda2803c2815d49028fc22b1c (patch) | |
tree | a951fd6b82c3d8ff1bf75b05f19b5c58fe7786fc | |
parent | 8ba061b3f6ced9f3b54321160496ac3d94a9a398 (diff) | |
download | bugzilla-4b55507617d308ffda2803c2815d49028fc22b1c.tar.gz bugzilla-4b55507617d308ffda2803c2815d49028fc22b1c.tar.xz |
Bug 453425 - Send "X-Content-Type-Options: nosniff" header when displaying attachments so IE8 doesn't try to sniff the content type.
[r=LpSolit a=LpSolit]
-rwxr-xr-x | attachment.cgi | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/attachment.cgi b/attachment.cgi index 5bb2a8537..8e69d388f 100755 --- a/attachment.cgi +++ b/attachment.cgi @@ -338,7 +338,8 @@ sub view { } print $cgi->header(-type=>"$contenttype; name=\"$filename\"", -content_disposition=> "$disposition; filename=\"$filename\"", - -content_length => $attachment->datasize); + -content_length => $attachment->datasize, + -x_content_type_options => "nosniff"); disable_utf8(); print $attachment->data; } |