如何测试网站的X-content-type-options标头? [英] How to test website for X-content-type-options header?
本文介绍了如何测试网站的X-content-type-options标头?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
How to Test website for X-Content-Type-Options header?
你能否告诉我找到
Could you please tell me the list of tools that find the
X-Content-Type-Options
的工具列表
我有什么尝试过:
我已经尝试但是获得了在线网址,但我正在尝试检查任何提供安全性测试的工具。
What I have tried:
I have tried but got the online urls but i am trying to check in any tools which provide security to test.
推荐答案
您可以使用任何可以发送HTTP HEAD请求并解析答案的工具。
curl 例如:
You can use any tool that can send a HTTP HEAD request and parse the answer.
With curl for example:
# curl -I http://www.codeproject.com
HTTP/1.1 301 Moved Permanently
Cache-Control: private
Content-Length: 59
Content-Type: text/html; charset=utf-8
Location: https://www.codeproject.com/
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Set-Cookie: vk=11a1dc35-ac44-42c8-92a3-d78f457ca2c0; domain=.codeproject.com; expires=Tue, 11-Sep-2018 04:00:00 GMT; path=/; HttpOnly
Set-Cookie: SessionGUID=1fa7e3c1-5c50-4037-9c56-4bd24e70b1fc; path=/; HttpOnly
Date: Mon, 11 Sep 2017 14:15:59 GMT
这篇关于如何测试网站的X-content-type-options标头?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文