SAP Knowledge Base Article - Preview

2892335 - "Missing or insecure X-Content-Type-Options header" issue reported for a HANA XSC application


  1. You are running a third-party vulnerability scanner software against some of your HANA XS Engine Classic applications.
  2. The tool returns issue "Missing or insecure X-Content-Type-Options header" for some of them.



  • SAP HANA 1.0 SPS12
  • SAP HANA 2.0  


SAP HANA 1.0, platform edition ; SAP HANA, platform edition 2.0


vulnerability, scan, X-Content-Type-Options, nosniff, .xsaccess , KBA , HAN-AS-XS-ADM , SAP HANA XS Administration , HAN-DB-SEC , SAP HANA Security & User Management , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.