X-Content-Type-Options
The X-Content-Type-Options HTTP header can be used to prevent user agents, such as web browsers or Spotfire Analyst clients, from guessing the MIME content type. Instead, they will always use the declared content type.
The X-Content-Type-Options header is enabled by default.
The feature can be switched off by running the following commands in the
<server installation directory>\tomcat\spotfire-bin directory on the command line:
config export-config --force
config set-config-prop -n security.x-content-type-options.enabled -v false
config import-config -c "Disabled X-Content-Type-Options"
If switched off, the feature can be switched on again by running the following commands:
config export-config --force
config set-config-prop -n security.x-content-type-options.enabled -v true
config import-config -c "Enabled X-Content-Type-Options"
For details on using the
Spotfire command line, See
Executing commands on the command line.
Parent topic: Optional security HTTP headers