From cf26dddb154d1a4015f1dada4ee2ff8ce6801c81 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A1ra=20El-Saig?= Date: Fri, 29 Dec 2023 14:21:29 +0100 Subject: [PATCH] Update xmldoc to make it clear that it's a quote. --- .../Security/ApplicationBuilderExtensions.cs | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/Lombiq.HelpfulLibraries.AspNetCore/Security/ApplicationBuilderExtensions.cs b/Lombiq.HelpfulLibraries.AspNetCore/Security/ApplicationBuilderExtensions.cs index 1f6dcef5..c2eb7511 100644 --- a/Lombiq.HelpfulLibraries.AspNetCore/Security/ApplicationBuilderExtensions.cs +++ b/Lombiq.HelpfulLibraries.AspNetCore/Security/ApplicationBuilderExtensions.cs @@ -56,11 +56,11 @@ public static IApplicationBuilder UseContentSecurityPolicyHeader(this IApplicati /// Adds a middleware that sets the X-Content-Type-Options header to nosniff. /// /// - /// The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of - /// Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response - /// body to be interpreted and displayed as a content type other than the declared content type. Current (younger - /// than early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than - /// performing MIME-sniffing. + /// As per the documentation: "The Anti-MIME-Sniffing + /// header X-Content-Type-Options was not set to ’nosniff’. This allows older versions of Internet Explorer and + /// Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted + /// and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions + /// of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing." /// public static IApplicationBuilder UseNosniffContentTypeOptionsHeader(this IApplicationBuilder app) => app.Use(async (context, next) =>