Quite old question but here it goes. The most simple way to do this is setting your browser to Proxy through ZAP. On Firefox you can go to: Options -> Advanced -> Network -> Settings. Select Manual Proxy Configuration and fill the HTTP Host with the address of the machine running ZAP (most probably localhost) … Read more
It prevents the browser from doing MIME-type sniffing. Most browsers are now respecting this header, including Chrome/Chromium, Edge, IE >= 8.0, Firefox >= 50 and Opera >= 13. See : https://blogs.msdn.com/b/ie/archive/2008/09/02/ie8-security-part-vi-beta-2-update.aspx?Redirected=true Sending the new X-Content-Type-Options response header with the value nosniff will prevent Internet Explorer from MIME-sniffing a response away from the declared content-type. EDIT: … Read more