API-Security-Checklist icon indicating copy to clipboard operation
API-Security-Checklist copied to clipboard
verified publisher icon shieldfy

Should add "Content-Disposition" to response header?

Open nevermoe opened this issue 7 years ago • 0 comments

It's better to add Content-Disposition: attachment; filename="api.json" to response header in the case that some browsers had the vulnerability of nosniff bypass. But for keeping this guideline simple, maybe this shouldn't be added. How do you think?

nevermoe avatar Mar 14 '18 03:03 nevermoe