X-Content-Type-Options
Checks for MIME type sniffing protection
Checks for MIME type sniffing protection
| Rule ID | security/x-content-type |
| Category | Security |
| Scope | Site-wide |
| Severity | info |
| Weight | 3/10 |
Solution
X-Content-Type-Options: nosniff prevents browsers from MIME-sniffing responses, which could lead to security vulnerabilities. This is especially important for sites that allow file uploads or serve user-generated content. Simply add the header: X-Content-Type-Options: nosniff. This has no downside and improves security.
Enable / Disable
Disable this rule
squirrel.toml
toml[rules]
disable = ["security/x-content-type"]Disable all Security rules
squirrel.toml
toml[rules]
disable = ["security/*"]Enable only this rule
squirrel.toml
toml[rules]
enable = ["security/x-content-type"]
disable = ["*"]