Libravatar (obsolete)

  1. Bug #1356347
  2. Activity log

Activity log for bug #1356347

Date Who What changed Old value New value Message
2014-08-13 12:58:41 François Marier bug added bug
2014-08-13 12:59:02 François Marier description MIME-type sniffing on IE can lead to unexpected code execution. It can be disabled using an extra header: X-Content-Type-Options: nosniff It should be added to all avatar-serving responses that aren't redirections, but it could also be sent through with other dynamic and static content. MIME-type sniffing on IE can lead to unexpected code execution. It can be disabled using an extra header:   X-Content-Type-Options: nosniff It should be added to all avatar-serving responses that aren't redirections, but it could also be sent through with other dynamic and static content. http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx
2016-01-18 09:11:00 François Marier tags ie security ie security stretch
2017-05-29 20:41:18 François Marier libravatar: assignee François Marier (fmarier)