Content type is not specified

2 posts, 0 answers
  1. Almin
    Almin avatar
    1 posts
    Member since:
    Nov 2010

    Posted 14 Jul 2014 Link to this post

    Our client is using Acunetix as their web application scanner - to find security vulnerabilities. One of the findings is about the Telerik.Web.UI.WebResource.axd. Details of the Acunetix below. How can we resolve this? Thanks!



    Acunetix: Content type is not specified

    Description

    This page does not set a Content-Type header value. This value informs the browser what kind of data to expect. If this
    header is missing, the browser may incorrectly handle the data. This could lead to security problems.

    /Telerik.Web.UI.WebResource.axd


    Recommendation
    Set a Content-Type header value for this page
  2. Ianko
    Admin
    Ianko avatar
    1535 posts

    Posted 17 Jul 2014 Link to this post

    Hi Almin,

    Using Telerik Fiddler to investigate all web requests from the browser, I am unable to find any specific request through the WebResource.axd handler that is sent with no content-type header. You can see the results on my end with this screencast.

    If this is a behavior that occurs due to a specific ASP.NET or Telerik control configuration, please provide more details about the exact scenario with which the scenario could be recreated locally.

    Also, I suggest investigating the requests using fiddler to verify the exact headers of the requests.

    Regards,
    Ianko
    Telerik
     

    Check out the Telerik Platform - the only platform that combines a rich set of UI tools with powerful cloud services to develop web, hybrid and native mobile apps.

     
  3. UI for ASP.NET Ajax is Ready for VS 2017
Back to Top