Issue 2551257
Created on 2023-02-02 01:24 by rouilj, last changed 2023-02-23 21:23 by rouilj.
msg7711 |
Author: [hidden] (rouilj) |
Date: 2023-02-02 01:24 |
|
Downloads using the @@file path (and arguably regular tracker/issue1 url's) should
set the X-Content-Type-Options: nosniff header to prevent browsers from trying to determine
the mime type on their own.
|
msg7731 |
Author: [hidden] (rouilj) |
Date: 2023-02-23 21:23 |
|
Fixed on rev 765222ef4cec, Added only for user uploaded files (anything in FileClass served via
SendFile exception. These are the ones that are likely to be a security issue.
|
|
Date |
User |
Action |
Args |
2023-02-23 21:23:49 | rouilj | set | status: new -> fixed priority: normal resolution: fixed messages:
+ msg7731 assignee: rouilj |
2023-02-02 01:24:41 | rouilj | create | |
|