/support/notes/service/sap_logo.png){kind=logo}
SAP Knowledge Base Article - PreviewSymptom
X-Content-Type-Options nosniff is a security setting that prevents the browser from guessing the mime type of files so that certain kinds of attacks are mitigated.
- Either you are planning to use this option or your security scans return message such as below -
Website does not implement X-Content-Type-Options Best Practices - Add the following header to responses from this website: 'X-Content-Type-Options: nosniff'. - In case you are already have 'X-Content-Type-Options: nosniff'' enabled, then BI Launchpad and CMC may not work as expected.
- You are experiencing issues such as the ones discussed in KBA 3073756
- The following information is required -
- Is X-Content-Type-Options nosniff supported for use with SAP BusinessObjects and it’s add ons in 4.2 and 4.3?
- If this support is contingent on a particular patch level what patch level is that?
Read more...
Environment
SAP BI Platform 4.2 / 4.3 all patch levels
All supported OS and operating platforms
Product
SAP BusinessObjects Business Intelligence platform 4.2 ; SAP BusinessObjects Business Intelligence platform 4.3
Keywords
X-Content-Type-Options nosniff support 4.2 4.3 Businessobjects BI Platform freeze fail header , KBA , BI-BIP-DEP , Webapp Deployment, Networking, Vulnerabilities, Webservices , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.
/support/notes/service/facebook.svg)
/support/notes/service/twitter.svg)
/support/notes/service/youtube.svg)
/support/notes/service/linkedin.svg)
/support/notes/service/instagram2.svg)