X-Content-Type-Options

  • Resolved Paco42

    (@pacart42)


    7 years, 3 months ago

    Hi,

    Not a real problem, but I’m facing something I don’t understand.

    I’m using plugin’s version 1.7.1.
    I’m testing HTTP Headers plugin to replace WP Content Security Policy that seems to be abandoned.
    HTTP Headers seems also useful to send other headers without modifying any files.

    I tested some websites with Dareboost and with X-Content-Type-Options at “on” and “nosniff”. Dareboost don’t see this header even if browsers see it.
    If I put the X-Content-Type-Options in the apache conf, Dareboost sees it.

    Anyone, any ideas ?

Viewing 1 replies (of 1 total)
  • Plugin Author Dimitar Ivanov

    (@zinoui)

    That is because the X-Content-Type-Options is sent only with the main HTML document. In the next release, I will extend that so scripts and styles will have it too.

    Regards,

Viewing 1 replies (of 1 total)
  • The topic ‘X-Content-Type-Options’ is closed to new replies.