hugo-theme-stack icon indicating copy to clipboard operation
hugo-theme-stack copied to clipboard
verified publisher icon CaiJimmy

X-Content-Type-Options Header is not set.

Open ofgrenudo opened this issue 1 year ago • 1 comments

What happened?

  • /: The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type. See: https://www.invicti.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/

Hugo version

0.115.2

Theme version

v3.21.0

What browsers are you seeing the problem on?

Firefox, Chrome, Safari, Microsoft Edge

More information about the browser

No response

Relevant log output

No response

Link to Minimal Reproducible Example

https://unorthodoxdev.net

ofgrenudo avatar Feb 26 '24 22:02 ofgrenudo

This should be settings on the server, no?

rmdhnreza avatar Feb 27 '24 13:02 rmdhnreza

I agree with @rmdhnreza, this header should be set on the server since it's an HTTP thing and this theme has no control over it.

CaiJimmy avatar Mar 02 '24 22:03 CaiJimmy