You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Basically, I use nginx to forward homebridge-server (with HTTPS and username / password authentication), so that I can have remote access, as my setup is a headless Ubuntu Server. However I found that when setting the "add_header X-Content-Type-Options nosniff;" header, the proxy pass, now returns the page as raw HTML. Commenting out this line fixes this issue, but since I also happen to host a Wordpress on my server (on a different domain of course), this line is very important to me...
The text was updated successfully, but these errors were encountered:
Update: The reason behind this is fairly simple. This line prevents MIME-sniffing a response away from the declared content-type as the header instructs the browser not to override the response content type. With the nosniff option, if the server says the content is text/html, the browser will render it as text/html
Basically, I use nginx to forward homebridge-server (with HTTPS and username / password authentication), so that I can have remote access, as my setup is a headless Ubuntu Server. However I found that when setting the "add_header X-Content-Type-Options nosniff;" header, the proxy pass, now returns the page as raw HTML. Commenting out this line fixes this issue, but since I also happen to host a Wordpress on my server (on a different domain of course), this line is very important to me...
The text was updated successfully, but these errors were encountered: