Content/MIME Sniffing Protection
Protect your Umbraco site from MIME sniffing vulnerabilities using security headers like X-Content-Type-Options.
Checks that your site contains a header used to protect against Multipurpose Internet Mail Extensions (MIME) sniffing vulnerabilities.
How to fix this health check
This health check can be fixed by adding a header before the response is started.
Preferable you use a security library like NWebSec.
Adding Content/MIME Sniffing Protection using NWebSec
If you take a NuGet dependency on NWebsec.AspNetCore.Middleware/, you can use third extension methods on WebApplication
.
Adding Content/MIME Sniffing Protection using manual middleware
If you don't like to have a dependency on third party libraries. You can add the following custom middleware to the request pipeline.
First create the middleware class:
Next register it in Program.cs
Last updated