security header for older browsers to prevent content sniffing
This commit is contained in:
parent
1d056b203b
commit
cd5fab8c2f
1 changed files with 1 additions and 0 deletions
|
@ -98,6 +98,7 @@ def send_file(env, path : String, mime_type : String? = nil)
|
|||
file_path = File.expand_path(path, Dir.current)
|
||||
mime_type ||= Kemal::Utils.mime_type(file_path)
|
||||
env.response.content_type = mime_type
|
||||
env.response.headers["X-Content-Type-Options"] = "nosniff"
|
||||
minsize = 860 # http://webmasters.stackexchange.com/questions/31750/what-is-recommended-minimum-object-size-for-gzip-performance-benefits ??
|
||||
request_headers = env.request.headers
|
||||
filesize = File.size(file_path)
|
||||
|
|
Loading…
Reference in a new issue