HTTP X-Content-Type-Options Header

By: Dusty Arlia
Published on Sunday, June 22, 2014, 07:55 PM
Last Updated on Saturday, July 11, 2015 at 3:27 PM
Total Updates: 2

The X-Content-Type-Options HTTP header has only one possible value: nosniff. It prevents Internet Explorer from MIME-sniffing an HTTP response in some other way than from using the declared content-type. This also applies to Google Chrome, when downloading extensions. Here is an example:

X-Content-Type-Options: nosniff