Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

4.x Add X-Content-Type-Options: nosniff to responses from /health and /metrics and other Helidon-provided services #9679

Open
tjquinno opened this issue Jan 23, 2025 · 0 comments
Open

4.x Add X-Content-Type-Options: nosniff to responses from /health and /metrics and other Helidon-provided services #9679

tjquinno opened this issue Jan 23, 2025 · 0 comments
Assignees
@tjquinno
Labels
4.x Version 4.x enhancement New feature or request P2 webserver

Comments

@tjquinno
Copy link
Member

Environment Details

  • Helidon Version: 4.x
  • Helidon SE or Helidon MP both
  • JDK version:
  • OS:
  • Docker version (if applicable):

Problem Description

The X-Content-Type-Options: nosniff header discourages browsers from doing MIME-type sniffing.

Should all Helidon-provided services include this header?
@tjquinno tjquinno added 4.x Version 4.x webserver labels Jan 23, 2025
@tjquinno tjquinno added this to Backlog Jan 23, 2025
@github-project-automation github-project-automation bot moved this to Triage in Backlog Jan 23, 2025
@m0mus m0mus added enhancement New feature or request P2 labels Jan 30, 2025
@m0mus m0mus moved this from Triage to High priority in Backlog Jan 30, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@tjquinno tjquinno

Labels
4.x Version 4.x enhancement New feature or request P2 webserver
Projects
Backlog
Status: High priority
Milestone
No milestone
Development

No branches or pull requests
2 participants
@m0mus @tjquinno