Docs say:
Including X-Content-Type-Options: [nosniff] is recommended, so that browsers will not interpret content as HTML if they are directed to load a page from the registry. This header is included in the example configuration file.
Well, it used to be in the example configuration file, but it's missing from the current version.
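A check for the regression described above, as an added example (not code from the registry project): it decides whether a response head carries an effective `X-Content-Type-Options: nosniff`, using the Fetch standard's rule that only the first listed value counts. The sample responses and the names `has_nosniff` and `audit` are constructed for illustration.

```python
from email.parser import Parser

# Constructed sample response heads (not captured from a real registry).
WITH_HEADER = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: application/json\r\n"
    "X-Content-Type-Options: nosniff\r\n"
    "\r\n"
)
WITHOUT_HEADER = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: application/json\r\n"
    "\r\n"
)
WRONG_ORDER = (
    "HTTP/1.1 200 OK\r\n"
    "x-content-type-options: foo, nosniff\r\n"
    "\r\n"
)


def has_nosniff(raw_head: str) -> bool:
    """Return True if a browser would treat this response as nosniff."""
    # Drop the status line, then parse the remaining header block.
    _, _, header_block = raw_head.partition("\r\n")
    headers = Parser().parsestr(header_block, headersonly=True)
    # Header names are case-insensitive; repeated headers combine in order.
    # Simplification: values are split on plain commas (no quoted strings).
    values = []
    for value in headers.get_all("X-Content-Type-Options", []):
        values.extend(part.strip() for part in value.split(","))
    # Only the first value counts, compared case-insensitively.
    return bool(values) and values[0].lower() == "nosniff"


def audit(responses: dict) -> list:
    """Return the names of responses lacking an effective nosniff header."""
    return [name for name, raw in responses.items() if not has_nosniff(raw)]


if __name__ == "__main__":
    samples = {"ok": WITH_HEADER, "missing": WITHOUT_HEADER, "wrong": WRONG_ORDER}
    for name in audit(samples):
        print(f"{name}: X-Content-Type-Options: nosniff not in effect")
```

Running the same function over response heads from a deployment built from the example configuration would show whether the header has been dropped.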