HTTP - Content Type Header

> (World Wide) Web - (W3|WWW) > (HTTP|HTTPS) - Hypertext Transfer Protocol

1 - About

The Content-Type is header that specify the mime type of a resource


3 - Example

Resources MIME type
HTML text/html
JSON text/json
XML text/xml

4 - Management

4.1 - Sniffing

When the Content-Type is not specified, a user agent such as browser may obtain it through sniffing.

Many web servers supply incorrect Content-Type header fields with their HTTP responses. In order to be compatible with these servers, user agents consider the content of HTTP responses as well as the content-Type header fields when determining the effective media type of the response.

The specification document describes an algorithm for determining the effective media type of HTTP responses that balances security and compatibility considerations.

Configuration to prevent sniffing with the header X-Content-Type-Options: nosniff