Forum Discussion

Nimbostratus

Aug 09, 2014

Vulnerabilty "web server allows MIME sniffing"

Hi Team, How to mitigate the Vulnerability using Irule or by using any modifications related to HTTP Profiles or HTTP Responses. web server allows MIME sniffing Regards PZ

IheartF5_45022

Nacreous

Aug 12, 2014

I think you need;

when HTTP_RESPONSE { HTTP::header insert X-Content-Type-Options "nosniff" }

Given that the older browsers don't do MIME sniffing, the iRule should remove the alert from your next scan.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

announcement

Appworld2026

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Vulnerabilty "web server allows MIME sniffing"

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

VIP is not responding on SYN after enabling other modules like ASM, APM and AFM.

VIP in https that redirect to another vip in https

2026 301a exam

F5OS login with admin/root failed via console

UCS Encryption Question

Related Content

Web redirections with data group fail if URI contains "?"

OpenSSH vulnerabilties

Web Vulnerability "Information Disclosure via HTTP Headers"

Web interface showing "Starting web server" and CLI shows "logger: Re-starting mcpd" every 2 seconds after shutting down 13.1.0.5 Build 0.0.5 Virtual

APM "Remote Desktop Web Access" Kerberos SSO option

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS