Regarding: X-Content-Type-Options Header Missing

134 views

Skip to first unread message

TechyGlory m

unread,

Apr 9, 2018, 5:34:27 AM4/9/18

to OWASP ZAP User Group

I am testing a spring boot application and testing my api with GET method. I am getting this message "The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'.". How can I ask users to add this parameter in the headers of their requests?

Or how can I resolve this issue. Please suggest

kingthorin+owaspzap

unread,

Apr 9, 2018, 12:39:26 PM4/9/18

to OWASP ZAP User Group

It's a response header, the server shoukd be sending to clients.

Reply all

Reply to author

Forward

0 new messages