X-Content-Type-Options

X-Content-Type-Options is a HTTP header that prevents browsers from MIME-sniffing a response away from the declared content-type. This helps prevent attacks where browsers might interpret files as a different content-type than what was intended. The header should be set to 'nosniff' to enforce strict MIME type checking.