TIBCO Spotfire® Server and Environment - Installation and Administration

X-Content-Type-Options

The X-Content-Type-Options HTTP header can be used to prevent user agents, such as web browsers or Spotfire Analyst clients, from guessing the MIME content type. Instead, they will always use the declared content type.

The X-Content-Type-Options header is enabled by default.

The feature can be switched off by running the following commands in the <server installation directory>\tomcat\spotfire-bin directory on the command line: 
config export-config --force
config set-config-prop -n security.x-content-type-options.enabled -v false
config import-config -c "Disabled X-Content-Type-Options"
If switched off, the feature can be switched on again by running the following commands: 
config export-config --force
config set-config-prop -n security.x-content-type-options.enabled -v true
config import-config -c "Enabled X-Content-Type-Options"
For details on using the Spotfire command line, See Executing commands on the command line.
Copyright © Cloud Software Group, Inc. All rights reserved.