diff options
| author | Matt Selsky <selsky@columbia.edu> | 2012-05-29 17:01:42 +0200 |
|---|---|---|
| committer | Frédéric Buclin <LpSolit@gmail.com> | 2012-05-29 17:01:42 +0200 |
| commit | 9245e5ca7bab659a00bf301f3db22b8d9608f92b (patch) | |
| tree | 59d66b8118bde17dbb1401eb2c3af62516381d7d /Bugzilla | |
| parent | 19b514899d02fde1c53916fe0c0a364548c6ab8d (diff) | |
| download | bugzilla-9245e5ca7bab659a00bf301f3db22b8d9608f92b.tar.gz bugzilla-9245e5ca7bab659a00bf301f3db22b8d9608f92b.tar.xz | |
Bug 671612: Send "X-Content-Type-Options: nosniff" with every response
r/a=LpSolit
Diffstat (limited to 'Bugzilla')
| -rw-r--r-- | Bugzilla/Attachment/PatchReader.pm | 2 | ||||
| -rw-r--r-- | Bugzilla/CGI.pm | 4 |
2 files changed, 4 insertions, 2 deletions
diff --git a/Bugzilla/Attachment/PatchReader.pm b/Bugzilla/Attachment/PatchReader.pm index c79b96ed2..e9cb189ef 100644 --- a/Bugzilla/Attachment/PatchReader.pm +++ b/Bugzilla/Attachment/PatchReader.pm @@ -27,7 +27,6 @@ sub process_diff { $last_reader->sends_data_to(new PatchReader::DiffPrinter::raw()); # Actually print out the patch. print $cgi->header(-type => 'text/plain', - -x_content_type_options => "nosniff", -expires => '+3M'); disable_utf8(); $reader->iterate_string('Attachment ' . $attachment->id, $attachment->data); @@ -109,7 +108,6 @@ sub process_interdiff { $last_reader->sends_data_to(new PatchReader::DiffPrinter::raw()); # Actually print out the patch. print $cgi->header(-type => 'text/plain', - -x_content_type_options => "nosniff", -expires => '+3M'); disable_utf8(); } diff --git a/Bugzilla/CGI.pm b/Bugzilla/CGI.pm index 98fa3d79b..fc29008c3 100644 --- a/Bugzilla/CGI.pm +++ b/Bugzilla/CGI.pm @@ -317,6 +317,10 @@ sub header { # and enforce the blocking (rather than the rewriting) mode. unshift(@_, '-x_xss_protection' => '1; mode=block'); + # Add X-Content-Type-Options header to prevent browsers sniffing + # the MIME type away from the declared Content-Type. + unshift(@_, '-x_content_type_options' => 'nosniff'); + return $self->SUPER::header(@_) || ""; } |