SAP Knowledge Base Article - Preview

2892335 - "Missing or insecure X-Content-Type-Options header" issue reported for a HANA XSC application


  1. You are running a third-party vulnerability scanner software against some of your HANA XS Engine Classic applications.
  2. The tool returns issue "Missing or insecure X-Content-Type-Options header" for some of them.



  • SAP HANA 1.0 SPS12
  • SAP HANA 2.0  


SAP HANA 1.0, platform edition ; SAP HANA, platform edition 2.0


vulnerability, scan, X-Content-Type-Options, nosniff, .xsaccess , KBA , HAN-AS-XS-ADM , SAP HANA XS Administration , HAN-DB-SEC , SAP HANA Security & User Management , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP ONE Support launchpad (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.