mirror of
https://github.com/stefanprodan/podinfo.git
synced 2026-05-22 09:22:49 +00:00
Regression test for CVE-2026-43644, mirroring the TestStoreReadHandler_ContentType test added in #463. Verifies the echoHandler direct-response branch returns application/octet-stream, X-Content-Type-Options: nosniff, and a restrictive CSP so an HTML payload cannot be MIME-sniffed and executed.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
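
The header checks this commit message describes, as an added Go example that is not podinfo's code or its test. `naiveEcho`, `hardenedEcho` and `headerProblems` are hypothetical names, the `/echo` path and the CSP value `default-src 'none'; sandbox` are assumptions, and the HTML body is a constructed sample.

```go
package main

import (
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
	"strings"
)

// naiveEcho (hypothetical) writes the body back without declaring a type, so
// net/http sniffs the bytes and labels an HTML payload as text/html.
func naiveEcho(w http.ResponseWriter, r *http.Request) {
	io.Copy(w, io.LimitReader(r.Body, 1<<20))
}

// hardenedEcho (hypothetical) returns the same bytes as an opaque download.
func hardenedEcho(w http.ResponseWriter, r *http.Request) {
	h := w.Header()
	h.Set("Content-Type", "application/octet-stream")
	h.Set("X-Content-Type-Options", "nosniff")
	// Assumed policy value: the commit message only says "restrictive".
	h.Set("Content-Security-Policy", "default-src 'none'; sandbox")
	io.Copy(w, io.LimitReader(r.Body, 1<<20))
}

// headerProblems posts a constructed HTML body and lists every missing defence.
func headerProblems(handler http.HandlerFunc) []string {
	body := strings.NewReader("<html><body>constructed sample</body></html>")
	rec := httptest.NewRecorder()
	handler(rec, httptest.NewRequest(http.MethodPost, "/echo", body))
	got := rec.Result().Header
	var problems []string
	if ct := got.Get("Content-Type"); ct != "application/octet-stream" {
		problems = append(problems, "Content-Type="+ct)
	}
	if got.Get("X-Content-Type-Options") != "nosniff" {
		problems = append(problems, "nosniff missing")
	}
	if !strings.Contains(got.Get("Content-Security-Policy"), "default-src 'none'") {
		problems = append(problems, "restrictive CSP missing")
	}
	return problems
}

func main() {
	fmt.Println("naive:   ", headerProblems(naiveEcho))
	fmt.Println("hardened:", headerProblems(hardenedEcho))
}
```

The naive handler fails all three checks because Go's content sniffing fills in `text/html; charset=utf-8` when no Content-Type is set, which is why the explicit `application/octet-stream` matters as much as `nosniff`.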