N°4368 add sending X-Content-Type-Options HTTP header

Replace in consumers the \WebPage::add_xframe_options call by \WebPage::add_http_headers

application/webpage.class.inc.php

@@ -482,12 +482,25 @@ class WebPage implements Page
 		$this->a_headers[] = $s_header;
 	}
 
+	/**
+	 * @param string|null $sXFrameOptionsHeaderValue passed to {@see add_xframe_options}
+	 *
+	 * @return void
+	 * @since 2.7.10 3.0.4 3.1.2 3.2.0 N°4368 method creation, replace {@see add_xframe_options} consumers call
+	 */
+	public function add_http_headers($sXFrameOptionsHeaderValue = null)
+	{
+		$this->add_xframe_options($sXFrameOptionsHeaderValue);
+		$this->add_xcontent_type_options();
+	}
+
 	/**
 	 * @param string|null $sHeaderValue for example `SAMESITE`. If null will set the header using the config parameter value.
 	 *
 	 * @since 2.7.3 3.0.0 N°3416
 	 * @uses security_header_xframe config parameter
 	 * @uses \utils::GetConfig()
+	 *
 	 * @link https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
 	 */
 	public function add_xframe_options($sHeaderValue = null)
@@ -499,6 +512,17 @@ class WebPage implements Page
 		$this->add_header('X-Frame-Options: '.$sHeaderValue);
 	}
 
+	/**
+	 * @return void
+	 * @since 2.7.10 3.0.4 3.1.2 3.2.0 N°4368 method creation
+	 *
+	 * @link https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
+	 */
+	public function add_xcontent_type_options()
+	{
+		$this->add_header('X-Content-Type-Options: nosniff');
+	}
+
 	/**
 	 * Add needed headers to the page so that it will no be cached
 	 */