HTTP headers | X-Content-Type-Options
The HTTP headers X-Content-Type-Options acts as a marker that indicates the MIME-types headers in the content types headers should not be changed to the server. This header was introduced in the Internet Explorer 8 of Microsoft. This header block the content sniffing (non-executable MIME type into executable MIME type). After that, all the other browsers also introduce the X-Content-Type-Options, and their MIME sniffing algorithms were less aggressive.
Directives: There is a single directive accepted by X-Content-Type-Options header.
To check the X-Content-Type-Options in action go to Inspect Element -> Network check the request header for x-content-type-options like below.
Supported Browsers: The browsers compatible with x-content-type-options header are listed below:
- Google Chrome
- Internet Explorer