```release-note:security
api: Enforces strict content-type header validation to protect against XSS vulnerability.
```