Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

profile-service is returning text/html as the content type for JSONP responses #21

Open
ansell opened this issue Jun 17, 2019 · 0 comments
Open

profile-service is returning text/html as the content type for JSONP responses #21

ansell opened this issue Jun 17, 2019 · 0 comments
Assignees
@Rita-C
Labels
bug

Comments

@ansell
Copy link

ansell commented Jun 17, 2019

Yesterday we debugged an issue where the cause was profile-service returning text/html instead of text/javascript for JSONP responses. This caused the browser to fail the request when the security header X-Content-Type-Options: nosniff was enabled. Temporarily patched nginx to not include the nosniff header, but the bug of returning text/html as the content type for these JSONP responses should be fixed so that the security header can be switched on again.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Rita-C Rita-C

Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ansell @Rita-C