- From: Adam Barth <whatwg@adambarth.com>
- Date: Wed, 3 Jun 2009 01:04:10 -0700
On Wed, Jun 3, 2009 at 12:36 AM, Philip Taylor <excors+whatwg at gmail.com> wrote: > http://blogs.msdn.com/ie/archive/2008/09/02/ie8-security-part-vi-beta-2-update.aspx > - it's "X-Content-Type-Options: nosniff" now (and is used a bit in > practice - it's on about 0.1% of pages from > http://www.dotnetdotcom.org/, though about half of them are owned by > Google or Microsoft). The ironic twist to this story is that HTTP responses that include the nosniff directive are 50% more likely to have a missing or incorrect Content-Type header. Adam
Received on Wednesday, 3 June 2009 01:04:10 UTC