Skip to main content

Remediation Steps

Follow the steps below to remediate this finding on Drupal.

  1. Install and enable the Security Kit (SecKit) module:

    composer require drupal/seckit
drush en seckit

  2. Navigate to Admin > Configuration > System > Security Kit.

  3. Under the "Content Type Sniffing" section, enable X-Content-Type-Options.

  4. Save the configuration.

Back to top