X-Content-Type-Options
The following is a quick lesson to recap browser-specific content sniffing vulnerabilities and how they can be mitigated using security headers.
When browsers fetch remote content such as JavaScript or images, the server uses the Content-Type header to tell them what type of content is being delivered.
For example, when the browser fetches a PDF, the server hints at the content type by setting the following header: ...
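An added example, not part of the original lesson and separate from the header elided above: a small audit that classifies a response by how a browser treats its declared Content-Type once X-Content-Type-Options is set to nosniff. The function names and sample responses are constructed for illustration; the nosniff value and the script/style blocking rule are assumptions taken from the Fetch and MIME Sniffing standards, not from this page.

```python
# Added example: audit response headers for content-sniffing exposure.
# Names are hypothetical; the sample responses below are constructed.

# JavaScript MIME types as listed in the MIME Sniffing standard.
JAVASCRIPT_TYPES = {
    "application/ecmascript", "application/javascript",
    "application/x-ecmascript", "application/x-javascript",
    "text/ecmascript", "text/javascript", "text/jscript", "text/livescript",
    "text/x-ecmascript", "text/x-javascript",
} | {f"text/javascript1.{n}" for n in range(6)}

def media_type(content_type):
    """Return lowercase 'type/subtype' from a Content-Type value, or None."""
    if not content_type:
        return None
    essence = content_type.split(";", 1)[0].strip().lower()
    kind, _, subtype = essence.partition("/")
    return essence if kind and subtype else None

def has_nosniff(headers):
    """True when the first X-Content-Type-Options value is 'nosniff'."""
    value = headers.get("x-content-type-options", "")
    return value.split(",")[0].strip().lower() == "nosniff"

def check_response(destination, headers):
    """Classify one response for a given request destination."""
    headers = {k.lower(): v for k, v in headers.items()}
    declared = media_type(headers.get("content-type"))
    if not has_nosniff(headers):
        return "sniffable"              # browser may guess the type from the body
    if destination == "script" and declared not in JAVASCRIPT_TYPES:
        return "blocked"                # nosniff refuses non-JavaScript scripts
    if destination == "style" and declared != "text/css":
        return "blocked"                # nosniff refuses non-CSS stylesheets
    if declared is None:
        return "missing-content-type"   # nothing declared for the browser to trust
    return "ok"

# Constructed sample responses: (destination, headers)
SAMPLES = [
    ("script", {"Content-Type": "text/plain"}),
    ("script", {"Content-Type": "text/plain", "X-Content-Type-Options": "nosniff"}),
    ("script", {"Content-Type": "text/javascript; charset=utf-8",
                "X-Content-Type-Options": "nosniff"}),
    ("image", {"X-Content-Type-Options": "nosniff"}),
]

def audit(samples=SAMPLES):
    """Return the classification of every sample, in order."""
    return [check_response(dest, hdrs) for dest, hdrs in samples]
```

Any "sniffable" or "missing-content-type" result marks a response whose headers should be corrected on the server.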