--- a/mod_http_upload_external/README.markdown Sun Oct 21 14:54:19 2018 +0100
+++ b/mod_http_upload_external/README.markdown Sun Oct 21 15:09:29 2018 +0100
@@ -195,7 +195,7 @@
Some browsers may also benefit from explicitly telling them not to try guessing the type of a file:
```
-X-Content-Type-Options "nosniff"
+X-Content-Type-Options: nosniff
```
#### Security headers
@@ -204,7 +204,7 @@
content is not understood or trusted by the upload service:
```
-Content-Security-Policy: "default-src 'none'"
-X-Content-Security-Policy: "default-src 'none'"
-X-WebKit-CSP: "default-src 'none'"
+Content-Security-Policy: default-src 'none'
+X-Content-Security-Policy: default-src 'none'
+X-WebKit-CSP: default-src 'none'
```