Änderungen

Wechseln zu: Navigation, Suche

X-Content-Type-Options-Vulnerability/EN/Background

14 Bytes hinzugefügt, 08:54, 8. Apr. 2019
keine Bearbeitungszusammenfassung
There is only one definable value "nosniff", which prevents the Internet Explorer and Google Chrome from searching for other possible MIME types, other than the declared Content-Type (for example text/html). For Chrome this also applies to downloading extensions. The [[Header/EN|header ]] entry reduces the load from so-called [https://en.wikipedia.org/wiki/Drive-by_download drive-by download attacks]. Websites with support for uploading files which, if the names are chosen skillfully, will be treated as executable files or as dynamic [[HTML|HTML-Datei]] by the [[Browser]], could infect your computer or other computers with malicious code. For further information on '''X-Content-Type-Options''', please refer to the report by [https://www.golem.de/news/cross-site-scripting-javascript-code-in-bilder-einbetten-1411-110264-2.html Golem.de (German only)].
7.576
Bearbeitungen

Navigationsmenü