Auto set content type options [Removed in Security Center 1.3.3]

Release version: Australia

Updated March 12, 2026

1 minute to read

Configure the Auto set content type options property on your instance to prevent MIME confusion attacks.

Use this property to control the X-Content-Type-Options response HTTP header. The X-Content-Type-Options response HTTP header is used by the server to indicate that the MIME types advertised in the Content-Type headers should be followed. If this property is set to false, then it is possible for an attacker to conduct MIME confusion attacks; if set to true then this header will prevent the browser from interpreting files as anything but the content type in the HTTP headers.

Warning:

The value for this property is a no DB override. It can't be altered or overridden.

More information


Attribute	Description
Configuration name	glide.security.header.auto_set_x_content_type_options
Configuration type	System Properties (/sys_properties_list.do)
Data type	Boolean
Recommended value	true
Default value	false
Category	Configuration
Security risk	Severity score: 7.3 CVSS score: High Security risk details: Setting this property to false could make it possible for an attacker to conduct MIME confusion attacks.
Dependencies and prerequisites	None
References	Add a system property