author | Reed Loden <reed@reedloden.com> | 2012-09-09 20:18:13 +0200 |
---|---|---|
committer | Reed Loden <reed@reedloden.com> | 2012-09-09 20:18:13 +0200 |
commit | 5b60e53069cec09fabcdebb9a0f02b1f360b7093 (patch) | |
tree | d75cdaa860626fa35159ac5d84342861cbcabe1a /Bugzilla/CGI.pm | |
parent | eff81ebcc4cca75b7b4feba1fe529d8272855c45 (diff) | |
parent | 36d868c007f778e72ae31c521595515f428edae0 (diff) | |
download | bugzilla-5b60e53069cec09fabcdebb9a0f02b1f360b7093.tar.gz bugzilla-5b60e53069cec09fabcdebb9a0f02b1f360b7093.tar.xz |
Merge from bugzilla/4.2
Diffstat (limited to 'Bugzilla/CGI.pm')
-rw-r--r-- | Bugzilla/CGI.pm | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/Bugzilla/CGI.pm b/Bugzilla/CGI.pm
index 7f98c1653..2feb0b098 100644
--- a/Bugzilla/CGI.pm
+++ b/Bugzilla/CGI.pm
@@ -331,6 +331,10 @@ sub header {
 # and enforce the blocking (rather than the rewriting) mode.
 unshift(@_, '-x_xss_protection' => '1; mode=block');
+ # Add X-Content-Type-Options header to prevent browsers sniffing
+ # the MIME type away from the declared Content-Type.
+ unshift(@_, '-x_content_type_options' => 'nosniff');
+
 return $self->SUPER::header(@_) || "";
 } |
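Review bot: The comment on the new `unshift` in `header` does not say that `nosniff` only helps when the declared Content-Type is itself accurate and safe. Responses whose type comes from user-supplied data (attachments, presumably, though no such path is visible in this hunk) still need their own handling. I would add a line such as `# nosniff only pins the declared type; callers must still send a safe, accurate Content-Type.` Because the pair is unshifted ahead of the caller's arguments, it is also worth confirming how `SUPER::header` treats a caller that passes its own `-x_content_type_options`. The body of `header` starts outside the hunk.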