From 47d5a89f406f320cb1c254a27a3422e7c3ffee27 Mon Sep 17 00:00:00 2001
From: Jeff Bradberry <jeff.bradberry@gmail.com>
Date: Mon, 25 Apr 2022 13:45:16 -0400
Subject: [PATCH] Add the X-Content-Type-Options nosniff header

---
 tools/docker-compose/nginx.vh.default.conf | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/tools/docker-compose/nginx.vh.default.conf b/tools/docker-compose/nginx.vh.default.conf
index 5a83f2ab03..959d4e2151 100644
--- a/tools/docker-compose/nginx.vh.default.conf
+++ b/tools/docker-compose/nginx.vh.default.conf
@@ -22,6 +22,7 @@ server {
 
     # HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)
     add_header Strict-Transport-Security max-age=15768000;
+    add_header X-Content-Type-Options nosniff;
 
     location /static/ {
         root /awx_devel;
@@ -84,6 +85,7 @@ server {
 
     # HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)
     add_header Strict-Transport-Security max-age=15768000;
+    add_header X-Content-Type-Options nosniff;
 
     location /static/ {
         root /awx_devel;