Autodesk Forge is now Autodesk Platform Services

Back to Community Blog

17 Jan 2022

Changes on OSS upload and download for Content-Type header [security improvement]

Starting February 7, the OSS upload PUT endpoints will return an HTTP 400 status code if content disposition inline and content types is one of the following:

  • text/xml, application/xml

If your application have already uploaded those files, it will now return an HTTP 400 status code on download.This change should not affect other content disposition formats. This is in addition of the previous announcement made in October 2019 and May 2019 where the following Content-Type where also excluded.

  • text/html, text/javascript, text/x-javascript,
  • application/javascript, application/x-javascript
  • application/xhtml+xml
  • image/svg+xml

Have questions? Please reach our support.

Tags:

Security

Related Article

auth v2 update

5 Jan 2024

Update: Authentication API V2 now accepts credentials in the request's body!

Introduction Almost a year ago, we introduced the new version (V2) of the Authentication API (refer here). Important Update: Authentication...

Authentication
Security
Code Samples

Resources

Get help on StackOverflow
Explore code samples
Find a systems integrator
Contact Autodesk Platform Services