-
Baokun Lee authored
The header X-Content-Type-Options:nosniff is an explicit directive that content-type should not be sniffed. ---- https://fetch.spec.whatwg.org/#x-content-type-options-header defines the X-Content-Type-Options header. ["Polyglots: Crossing Origins by Crossing Formats"](http://citeseerx.ist.psu.edu /viewdoc/download?doi=10.1.1.905.2946&rep=rep1&type=pdf) explains Polyglot attacks in more detail. Fixes golang/go#24795 Change-Id: Ibcc2d6a561394392ad0bf112eecc01c43823a2a2 Reviewed-on: https://go-review.googlesource.com/107295Reviewed-by:
Brad Fitzpatrick <bradfitz@golang.org> Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org>
84348c2d
| Name |
Last commit
|
Last update |
|---|---|---|
| bpf | ||
| context | ||
| dict | ||
| dns/dnsmessage | ||
| html | ||
| http | ||
| http2 | ||
| icmp | ||
| idna | ||
| internal | ||
| ipv4 | ||
| ipv6 | ||
| lex/httplex | ||
| lif | ||
| nettest | ||
| netutil | ||
| proxy | ||
| publicsuffix | ||
| route | ||
| trace | ||
| webdav | ||
| websocket | ||
| xsrftoken | ||
| .gitattributes | ||
| .gitignore | ||
| AUTHORS | ||
| CONTRIBUTING.md | ||
| CONTRIBUTORS | ||
| LICENSE | ||
| PATENTS | ||
| README.md | ||
| codereview.cfg |