MIME type sniffing

GPTKB entity

Statements (24)
Predicate Object
gptkbp:instanceOf Web security concept
gptkbp:alsoKnownAs content sniffing
gptkbp:category Web standards
Web security
gptkbp:cause gptkb:cross-site_scripting_(XSS)
security vulnerabilities
content spoofing
gptkbp:describedBy gptkb:WHATWG_HTML_Living_Standard
gptkb:RFC_7231
https://www.w3.org/2000/01/rdf-schema#label MIME type sniffing
gptkbp:mitigatedBy setting correct Content-Type header
using X-Content-Type-Options: nosniff
gptkbp:prevention X-Content-Type-Options: nosniff
gptkbp:purpose determine file type when Content-Type is missing or incorrect
gptkbp:relatedTo web browsers
mime
Content-Type header
gptkbp:riskFactor browser may execute malicious content
gptkbp:usedBy gptkb:Google_Chrome
gptkb:Internet_Explorer
gptkb:Mozilla_Firefox
gptkb:Microsoft_Edge
gptkbp:bfsParent gptkb:MIME_Sniffing_Standard
gptkbp:bfsLayer 5