Set X-Content-Type-Options header in the response header

### Description:
At the moment, the request's response from the Rocket.Chat server doesn't have the X-Content-Type-Options header. This directive can prevent the incorrect interpretation of resources (MIME sniffing). This prevents the browser from executing content that should not be executed.

We can add this header via a reverse proxy server, but I think the best place for it would be in the core of Rocket.Chat same as `X-XSS-Protection`



### Steps to reproduce:

1. Go to home page of Rocket.Chat
2. Check the response header

### Expected behavior:

The response header should have `X-Content-Type-Options: nosniff`

### Actual behavior:



### Server Setup Information:

- Version of Rocket.Chat Server: 2.2.0
- Operating System: Linux
- Deployment Method: Native
- Number of Running Instances: 1

### Client Setup Information

- Desktop App or Browser Version: Any
- Operating System: Any

### Additional context



### Relevant logs:

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Set X-Content-Type-Options header in the response header #15855

Description:

Steps to reproduce:

Expected behavior:

Actual behavior:

Server Setup Information:

Client Setup Information

Additional context

Relevant logs:

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Set X-Content-Type-Options header in the response header #15855

Description

Description:

Steps to reproduce:

Expected behavior:

Actual behavior:

Server Setup Information:

Client Setup Information

Additional context

Relevant logs:

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions