authorMatt Selsky <selsky@columbia.edu>2012-05-29 17:01:42 +0200
committerFrédéric Buclin <LpSolit@gmail.com>2012-05-29 17:01:42 +0200
commit9245e5ca7bab659a00bf301f3db22b8d9608f92b (patch)
tree59d66b8118bde17dbb1401eb2c3af62516381d7d /attachment.cgi
parentBug 754673 - CSRF vulnerability in query.cgi allows possible unauthorized use... (diff)
downloadbugzilla-9245e5ca7bab659a00bf301f3db22b8d9608f92b.tar.gz
bugzilla-9245e5ca7bab659a00bf301f3db22b8d9608f92b.tar.bz2
bugzilla-9245e5ca7bab659a00bf301f3db22b8d9608f92b.zip
Bug 671612: Send "X-Content-Type-Options: nosniff" with every response
r/a=LpSolit
Diffstat (limited to 'attachment.cgi')
-rwxr-xr-xattachment.cgi3
1 files changed, 1 insertions, 2 deletions
diff --git a/attachment.cgi b/attachment.cgi
index 2bc6e5454..92f48d05d 100755
--- a/attachment.cgi
+++ b/attachment.cgi
@@ -385,8 +385,7 @@ sub view {
}
print $cgi->header(-type=>"$contenttype; name=\"$filename\"",
-content_disposition=> "$disposition; filename=\"$filename\"",
- -content_length => $attachment->datasize,
- -x_content_type_options => "nosniff");
+ -content_length => $attachment->datasize);
disable_utf8();
print $attachment->data;
}
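Review bot: With the `-x_content_type_options => "nosniff"` argument removed from the `$cgi->header(...)` call in `view`, attachment responses depend entirely on the shared header code to send `X-Content-Type-Options`, and that code is not visible here (the diffstat is limited to attachment.cgi). This is the response that serves uploaded data under `$contenttype`, so it is presumably where a missing nosniff header would matter most. I would add a comment above the call, e.g. `# X-Content-Type-Options: nosniff is added centrally to every response; keep sending this through $cgi->header()`, and a regression test asserting the header on an attachment view response. Separately, `$filename` is interpolated into two quoted header parameters; it is presumably escaped earlier in `view`, which starts outside this hunk, but that is worth confirming.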