WordPress.org

Make WordPress Core


Ignore:
Timestamp:
02/25/2010 09:41:33 PM (10 years ago)
Author:
westi
Message:

Introduce send_nosniff_header() and use it to turn off content sniffing in supported browsers. Fixes #10671 props chrisscott and niallkennedy.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/includes/misc.php

    r13382 r13409  
    650650    return true;
    651651}
     652
     653/**
     654 * Send a HTTP header to disable content type sniffing in browsers which support it.
     655 *
     656 * @link http://blogs.msdn.com/ie/archive/2008/07/02/ie8-security-part-v-comprehensive-protection.aspx
     657 * @link http://src.chromium.org/viewvc/chrome?view=rev&revision=6985
     658 *
     659 * @since 3.0.0.
     660 * @return none
     661 */
     662function send_nosniff_header() {
     663    @header( 'X-Content-Type-Options: nosniff' );
     664}
    652665?>
Note: See TracChangeset for help on using the changeset viewer.