diff options
Diffstat (limited to 'Bugzilla/CGI.pm')
| -rw-r--r-- | Bugzilla/CGI.pm | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/Bugzilla/CGI.pm b/Bugzilla/CGI.pm index 7135f7c48..a16ae6686 100644 --- a/Bugzilla/CGI.pm +++ b/Bugzilla/CGI.pm @@ -316,6 +316,10 @@ sub header { unshift(@_, '-x_frame_options' => 'SAMEORIGIN'); } + # Add X-Content-Type-Options header to prevent browsers sniffing + # the MIME type away from the declared Content-Type. + unshift(@_, '-x_content_type_options' => 'nosniff'); + return $self->SUPER::header(@_) || ""; } |