X-Content Type Options

Learn how X-Content-Type-Options prevents MIME sniffing for dynamic content by enforcing declared content types.

The X-Content-Type-Options feature for Dynamic Content Acceleration operates the same way as in Static Content Delivery. It adds the X-Content-Type-Options: nosniff header to viewer responses, instructing browsers not to infer MIME types and to strictly follow the Content-Type sent by the origin. This helps reduce exposure to injection or XSS risks, particularly for script and stylesheet responses. The feature does not modify origin requests or affect CDN caching behavior.

For configuration details, header usage, and examples, refer to the main documentation: Learn more in the X-Content-Type-Options documentation.

PreviousX-XSS Protection NextPurge

Last updated 6 days ago

Was this helpful?