X-Content-Type-Options

The X-Content-Type-Options header can be used to instruct browsers not to guess the MIME time of a resource but only use the Content-Type header. Here’s an example:

X-Content-Type-Options: nosniff

MIME or Multipurpose Internet Mail Extensions (MIME) is an Internet standard that extends the format of email messages to support text in character sets other than ASCII, as well as attachments of audio, video, images, and application programs.

Here’s a breakdown of the X-Content-Type-Options header by directives:

nosniff
- This directive instructs the browser not to sniff or guess the MIME type.

Web Application Basics

X-Content-Type-Options