MIME 类型
https://developer.mozilla.org/zh-CN/docs/Web/HTTP/Basics_of_HTTP/MIME_types
http header
- Content Type
application/x-www-form-urlencode
multipart/form-data
text/plan
Content-Security-Polic
CSP 值缺失或不当会导致 Web 应用程序容易受到 XSS、点击劫持等的攻击csp: {
enable: true,
policy: {
'default-src':'self'
},
}