wiki.techinc.nl

Thijs/wiki.techinc.nl

History

Kunal Mehta 8261b1b72e Set "X-Content-Type-Options: nosniff" header in images/.htaccess MediaWiki already sets this header unconditionally on all requests, but images are served directly by the webserver. We want to remove the IEContentAnalyzer, which currently provides protection against uploading problematic files, so instead we are going to recommend setting this header to instruct browsers to not sniff. Per pingback data, ~83% of reporting installs use Apache. This was suggested by Taavi. Bug: T309787 Change-Id: I8a0c50cc0a8bc037f4c9b0a114f87793446aed7f	2023-02-24 23:59:22 -05:00
..
.htaccess	Set "X-Content-Type-Options: nosniff" header in images/.htaccess	2023-02-24 23:59:22 -05:00
README

Kunal Mehta 8261b1b72e Set "X-Content-Type-Options: nosniff" header in images/.htaccess

MediaWiki already sets this header unconditionally on all requests,
but images are served directly by the webserver. We want to remove the
IEContentAnalyzer, which currently provides protection against
uploading problematic files, so instead we are going to recommend
setting this header to instruct browsers to not sniff.

Per pingback data, ~83% of reporting installs use Apache.

This was suggested by Taavi.

Bug: T309787
Change-Id: I8a0c50cc0a8bc037f4c9b0a114f87793446aed7f

2023-02-24 23:59:22 -05:00

.htaccess

Set "X-Content-Type-Options: nosniff" header in images/.htaccess

2023-02-24 23:59:22 -05:00

README

If uploads are enabled in the wiki, files will be put in subdirectories
under here.