From d644289fcb6054b3829d26b3bb0b7dcba310bca5 Mon Sep 17 00:00:00 2001 From: Gusted Date: Sat, 22 Jan 2022 23:58:09 +0000 Subject: [PATCH] Backport: Disable content sniffing on `PlainTextBytes` (#18365) - Backport of #18359 --- modules/context/context.go | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/context/context.go b/modules/context/context.go index 5038850649..dd571b4d78 100644 --- a/modules/context/context.go +++ b/modules/context/context.go @@ -291,6 +291,7 @@ func (ctx *Context) PlainTextBytes(status int, bs []byte) { } ctx.Resp.WriteHeader(status) ctx.Resp.Header().Set("Content-Type", "text/plain;charset=utf-8") + ctx.Resp.Header().Set("X-Content-Type-Options", "nosniff") if _, err := ctx.Resp.Write(bs); err != nil { log.Error("Write bytes failed: %v", err) }