Symptom
X-Content-Type-Options nosniff is a security setting that prevents the browser from guessing the mime type of files so that certain kinds of attacks are mitigated.
- Either you are planning to use this option or your security scans return message such as below -
Website does not implement X-Content-Type-Options Best Practices - Add the following header to responses from this website: 'X-Content-Type-Options: nosniff'. - In case you are already have 'X-Content-Type-Options: nosniff'' enabled, then BI Launchpad and CMC may not work as expected.
- You are experiencing issues such as the ones discussed in SAP Note 3073756
- The following information is required -
- Is X-Content-Type-Options nosniff supported for use with SAP BusinessObjects and it’s add ons in 4.2 and 4.3?
- If this support is contingent on a particular patch level what patch level is that?
Read more...
Environment
SAP BusinessObjects Business Intelligence Platform (BI ) 4.x
Product
SAP BusinessObjects Business Intelligence platform 4.2 ; SAP BusinessObjects Business Intelligence platform 4.3
Keywords
X-Content-Type-Options nosniff support 4.2 4.3 Businessobjects BI Platform freeze fail header , KBA , BI-BIP-DEP , Webapp Deployment, Networking, Vulnerabilities, Webservices , How To
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.