diff --git a/morss/morss.py b/morss/morss.py index 117058d..e7f71c8 100644 --- a/morss/morss.py +++ b/morss/morss.py @@ -487,6 +487,7 @@ def cgi_app(environ, start_response): # headers headers['status'] = '200 OK' headers['cache-control'] = 'max-age=%s' % DELAY + headers['x-content-type-options'] = 'nosniff' # safari work around if options.cors: headers['access-control-allow-origin'] = '*' diff --git a/www/.htaccess b/www/.htaccess index 4a07f46..9b5238d 100644 --- a/www/.htaccess +++ b/www/.htaccess @@ -4,9 +4,6 @@ ErrorDocument 403 "Access forbidden" ErrorDocument 404 /cgi/main.py ErrorDocument 500 "A very nasty bug found his way onto this very server" -# Work around for Safari -Header set X-Content-Type-Options "nosniff" - deny from all