Added a mitigation for polyglot attacks.

.panel_floater is now floated to the right on Nox.

common/routes_common.go

@@ -293,6 +293,7 @@ func preRoute(w http.ResponseWriter, r *http.Request) (User, bool) {
 	h.Set("X-Frame-Options", "deny")
 	h.Set("X-XSS-Protection", "1; mode=block") // TODO: Remove when we add a CSP? CSP's are horrendously glitchy things, tread with caution before removing
 	// TODO: Set the content policy header
+	h.Set("X-Content-Type-Options", "nosniff")
 
 	return *usercpy, true
 }

themes/nox/public/panel.css

@@ -83,7 +83,7 @@
 	padding: 12px;
 }
 
-.to_right, .panel_buttons {
+.to_right, .panel_buttons, .panel_floater {
 	margin-left: auto;
 }