X-Content Type Options
Last updated
Last updated
© 2025 Medianova. All rights reserved.
The X-Content-Type-Options feature in the Medianova Cloud Panel helps protect your website from MIME sniffing vulnerabilities by ensuring that browsers adhere strictly to the content type specified by the origin server. This prevents browsers from interpreting content types incorrectly, reducing the risk of attacks like cross-site scripting (XSS) or content injection.
Prevent MIME Sniffing: Disables the MIME sniffing functionality in browsers like Internet Explorer and Chrome.
Strict Content Type Enforcement: Ensures that the browser uses the MIME type sent by the origin server, rather than attempting to infer the content type.
Simple On/Off Toggle: Quickly enable or disable the feature with a toggle.
Log in to the Cloud Panel: Access the Medianova Cloud Panel and navigate to the CDN Resources section from the left-hand menu.
Select the Relevant Resource: Choose the resource where you want to enable X-Content-Type Options.
Enable X-Content-Type Options: Locate the X-Content-Type Options setting and toggle it to On to activate the feature.
Submit Your Configuration: Click the Submit button to save and apply your changes.
Notes:
When On, browsers are instructed to respect the content type specified by the server, preventing them from attempting to detect the MIME type on their own.
When Off, the browser may try to infer the MIME type, which could potentially lead to vulnerabilities if the content is misinterpreted.
Enabling X-Content-Type Options is an important security measure that helps protect your site from content-type-based vulnerabilities and ensures that browsers handle content as intended.