diff options
Diffstat (limited to 'internal/context')
| -rw-r--r-- | internal/context/context.go | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/internal/context/context.go b/internal/context/context.go index 142fd241..a34398a2 100644 --- a/internal/context/context.go +++ b/internal/context/context.go @@ -335,6 +335,10 @@ func Contexter() macaron.Handler { c.renderNoticeBanner() + // 🚨 SECURITY: Prevent MIME type sniffing in some browsers, + // see https://github.com/gogs/gogs/issues/5397 for details. + c.Header().Set("X-Content-Type-Options", "nosniff") + ctx.Map(c) } } |