X

The Latest Technology Stack News Directly from EBS Development

Nosniff Now Available for EBS 12.2 and 12.1

Elke Phelps
Product Management Director

We are pleased to announce a security enhancement whereby nosniff header response code is automatically used by Oracle E-Business Suite Releases 12.2 and 12.1.3.

Allowing the browser to guess the MIME type of a file provides attackers the ability to trick the browser into executing malicious content. Using nosniff header response code tells the browser to strictly interpret the MIME type of the file and to not guess MIME type based on the content. 

Requirements

This feature is automatically enabled for all Oracle E-Business Suite Release 12.2.x and 12.1.3 customers who apply the October 2018 or higher Critical Patch Update (CPU).   

References

Related Articles

Join the discussion

Comments ( 2 )
  • Samir Shah Wednesday, May 1, 2019
    Hi Elke,

    How do I enable this security feature in EBS 12.1.3? Is there a note to do that?

    Please let me know.

    Thanks,

    Samir Shah
  • Elke Phelps (Oracle Development) Wednesday, May 1, 2019
    Samir -

    The feature is automatically enabled for EBS 12.2 and 12.1.3 after you apply the EBS patch delivered with the October 2018 CPU or higher.

    Per the references section in this article:
    The latest CPU is available here:
    http://support.oracle.com/rs?type=doc&id=2484000.1

    The October 2018 CPU is available here:
    https://support.oracle.com/rs?type=doc&id=2445688.1

    Regards,
    Elke
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.Captcha