Opt-out of content snuffing for admin ajax
|Reported by:||niallkennedy||Owned by:|
Browsers such as Internet Explorer include a MIME-sniffing feature that scans the beginning of a downloaded resource to determine the correct MIME render mode regardless of the Content-Type header. Internet Explorer 8 and Chromium allow page authors to opt-out of the sniff, asserting they don't need content to pass through such a feature.
Adding a HTTP Header of "X-Content-Type-Options: nosniff" eliminates the sniffing process, speeding up content rendering.
Opting-out of browser MIME sniff is especially beneficial on small Ajax payloads. Starting with admin-ajax.php and index-extra.php from wp-admin for that reason.
Change History (10)
6 years ago
- Keywords has-patch added
- Milestone changed from Unassigned to 2.8.5
- Version set to 2.8.4