Goal
- Reduce the risk of downloading dangerous hidden content.
Implementation
Configure the server to send the X-Content-Type-Options header with the value nosniff.
Control
Using an HTTP header inspection tool, check that the X-Content-Type-Options header is present with the value nosniff.
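The control above can be automated. The following is an added example, not part of the original rule: it audits a captured response header block. The function names and sample responses are constructed for illustration, and the first-value rule assumes a browser that follows the Fetch standard.

```python
# Added example: audit a captured HTTP response header block for
# X-Content-Type-Options: nosniff. Function names are hypothetical.

def header_values(raw_headers, name):
    """Return every value sent for `name` (case-insensitive), in order."""
    values = []
    for line in raw_headers.splitlines()[1:]:  # skip the status line
        if not line.strip():                   # blank line ends the headers
            break
        field, sep, value = line.partition(":")
        if sep and field.strip().lower() == name.lower():
            values.append(value.strip())
    return values

def check_nosniff(raw_headers):
    """Return (ok, reason) for one response."""
    values = header_values(raw_headers, "X-Content-Type-Options")
    if not values:
        return False, "header missing"
    # Repeated headers are combined and split on commas; only the first
    # token is compared (case-insensitively) with "nosniff".
    tokens = [t.strip() for t in ",".join(values).split(",")]
    if tokens[0].lower() != "nosniff":
        return False, "first value is %r, not nosniff" % tokens[0]
    if len(tokens) > 1:
        return True, "effective, but the header is set more than once"
    return True, "ok"

# Constructed sample responses (not captured from a real server).
SAMPLES = {
    "good": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n"
            "x-content-type-options: NoSniff\r\n\r\n",
    "missing": "HTTP/1.1 404 Not Found\r\nContent-Type: text/html\r\n\r\n",
    "duplicate": "HTTP/1.1 200 OK\r\nX-Content-Type-Options: nosniff\r\n"
                 "X-Content-Type-Options: nosniff\r\n\r\n",
    "wrong_first": "HTTP/1.1 200 OK\r\n"
                   "X-Content-Type-Options: none, nosniff\r\n\r\n",
}

def audit(samples):
    """Map each sample name to its (ok, reason) result."""
    return {name: check_nosniff(raw) for name, raw in samples.items()}

if __name__ == "__main__":
    for name, (ok, reason) in audit(SAMPLES).items():
        print("%-12s %-4s %s" % (name, "PASS" if ok else "FAIL", reason))
```

Run the check against error responses and static files as well as ordinary pages, since these are often served by a different layer that may not add the header.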