add X-Content-Type-Options: nosniff
authorVladimir Krivosheev <vladimir.krivosheev@jetbrains.com>
Fri, 15 Apr 2016 14:45:10 +0000 (16:45 +0200)
committerVladimir Krivosheev <vladimir.krivosheev@jetbrains.com>
Fri, 22 Apr 2016 13:16:44 +0000 (15:16 +0200)
platform/platform-impl/src/org/jetbrains/io/Responses.kt

index 3393b936e7d01dd59d8ef06d96b7f1982c62341b..3efbd25970829cd53e5e0f30f15d0f2b157cab10 100644 (file)
@@ -102,6 +102,7 @@ fun HttpResponse.addCommonHeaders() {
   if (!headers().contains("X-Frame-Options")) {
     headers().set("X-Frame-Options", "SameOrigin")
   }
+  headers().set("X-Content-Type-Options", "nosniff")
 }
 
 fun HttpResponse.send(channel: Channel, close: Boolean) {