X-Content-Type-Options nosniff is a security setting that prevents the browser from guessing the mime type of files so that certain kinds of attacks are mitigated.
- Either you are planning to use this option or your security scans return message such as below -
Website does not implement X-Content-Type-Options Best Practices - Add the following header to responses from this website: 'X-Content-Type-Options: nosniff'.
- In case you are already have 'X-Content-Type-Options: nosniff'' enabled, then BI Launchpad and CMC may not work as expected.
- You are experiencing issues such as the ones discussed in KBA 3073756
- The following information is required -
- Is X-Content-Type-Options nosniff supported for use with SAP BusinessObjects and it’s add ons in 4.2 and 4.3?
- If this support is contingent on a particular patch level what patch level is that?
SAP BI Platform 4.2 / 4.3 all patch levels
All supported OS and operating platforms
X-Content-Type-Options nosniff support 4.2 4.3 Businessobjects BI Platform freeze fail header , KBA , BI-BIP-DEP , Webapp Deployment, Networking, Vulnerabilities, Webservices , Problem
About this pageThis is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).
Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.