MIME type sniffing

MIME type sniffing is an operation performed by many browsers. Each browser behaves differently in this respect, but overall, MIME sniffing is the process by which a browser determines a page's content type from the page's content rather than from the declared type. This can be dangerous: it could allow an attacker to hide HTML code in a .jpg file and have the visitor's browser interpret the file as a page and execute client-side code (XSS), because the browser decided the file was HTML rather than a JPEG image.

The XCTO (X-Content-Type-Options) security header can be used to indicate that the MIME type advertised in the Content-Type header must be followed and not overridden by the browser based on the page's content. Websites that send this header with the nosniff directive must also include a valid Content-Type header in their responses, since the browser will no longer guess a type for them.
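As an added example (not part of the original page), a small Python checker that applies these two rules to a captured HTTP response: it flags a missing or non-nosniff X-Content-Type-Options header, a missing or malformed Content-Type, and an image response whose body begins with HTML markup, the case described above. The HTML patterns are a simplified subset of those in the MIME Sniffing Standard, and the sample responses are constructed.

```python
import re

# Leading-byte patterns that mark a body as HTML-looking. Simplified subset of
# the MIME Sniffing Standard's table: each tag must be followed by a
# tag-terminating byte (space or '>'), and leading whitespace is skipped.
HTML_START = re.compile(
    rb"^\s*<(?:!doctype html|html|head|script|iframe|body|div|p|a|br|table)[ >]",
    re.IGNORECASE,
)

def looks_like_html(body: bytes) -> bool:
    """True if the first bytes of the body would be sniffed as HTML."""
    return HTML_START.match(body[:64]) is not None

def audit_response(headers: dict, body: bytes) -> list:
    """Return a list of findings for one response (empty list = no issue)."""
    h = {k.lower(): v.strip() for k, v in headers.items()}   # header names are case-insensitive
    findings = []
    xcto = h.get("x-content-type-options", "").lower()
    media = h.get("content-type", "").split(";")[0].strip().lower()   # drop charset etc.
    nosniff = xcto == "nosniff"
    if not xcto:
        findings.append("missing X-Content-Type-Options header")
    elif not nosniff:
        findings.append("unexpected X-Content-Type-Options value %r" % xcto)
    # nosniff only works if the server actually declares a valid type/subtype
    if not re.fullmatch(r"[\w.+-]+/[\w.+-]+", media):
        findings.append("missing or malformed Content-Type (nosniff needs a valid one)")
    if media.startswith("image/") and looks_like_html(body):
        findings.append("image response begins with HTML markup"
                        + (" (nosniff set, browser should keep image/*)" if nosniff
                           else " (no nosniff: a sniffing browser may render it as HTML)"))
    return findings

# Constructed sample responses: (headers, first bytes of body)
SAMPLES = {
    "hardened": ({"Content-Type": "image/jpeg", "X-Content-Type-Options": "nosniff"},
                 b"\xff\xd8\xff\xe0\x00\x10JFIF"),
    "sniffable_upload": ({"Content-Type": "image/jpeg"},
                         b"  <html><body>not really a picture</body></html>"),
    "nosniff_no_ctype": ({"X-Content-Type-Options": "nosniff"}, b"<html>"),
}

if __name__ == "__main__":
    for name, (hdrs, body) in SAMPLES.items():
        print(name, "->", audit_response(hdrs, body) or "ok")
```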
