This is a migrated thread and some comments may be shown as answers.

Content type is not specified

1 Answer 51 Views
General Discussions
This is a migrated thread and some comments may be shown as answers.
Almin
Top achievements
Rank 1
Almin asked on 14 Jul 2014, 08:54 AM
Our client is using Acunetix as their web application scanner - to find security vulnerabilities. One of the findings is about the Telerik.Web.UI.WebResource.axd. Details of the Acunetix below. How can we resolve this? Thanks!



Acunetix: Content type is not specified

Description

This page does not set a Content-Type header value. This value informs the browser what kind of data to expect. If this
header is missing, the browser may incorrectly handle the data. This could lead to security problems.

/Telerik.Web.UI.WebResource.axd


Recommendation
Set a Content-Type header value for this page

1 Answer, 1 is accepted

Sort by
0
Ianko
Telerik team
answered on 17 Jul 2014, 05:24 AM
Hi Almin,

Using Telerik Fiddler to investigate all web requests from the browser, I am unable to find any specific request through the WebResource.axd handler that is sent with no content-type header. You can see the results on my end with this screencast.

If this is a behavior that occurs due to a specific ASP.NET or Telerik control configuration, please provide more details about the exact scenario with which the scenario could be recreated locally.

Also, I suggest investigating the requests using fiddler to verify the exact headers of the requests.

Regards,
Ianko
Telerik
 

Check out the Telerik Platform - the only platform that combines a rich set of UI tools with powerful cloud services to develop web, hybrid and native mobile apps.

 
Tags
General Discussions
Asked by
Almin
Top achievements
Rank 1
Answers by
Ianko
Telerik team
Share this question
or