diff --git a/morss/morss.py b/morss/morss.py
index 117058d..e7f71c8 100644
--- a/morss/morss.py
+++ b/morss/morss.py
@@ -487,6 +487,7 @@ def cgi_app(environ, start_response):
     # headers
     headers['status'] = '200 OK'
     headers['cache-control'] = 'max-age=%s' % DELAY
+    headers['x-content-type-options'] = 'nosniff' # safari work around
 
     if options.cors:
         headers['access-control-allow-origin'] = '*'
diff --git a/www/.htaccess b/www/.htaccess
index 4a07f46..9b5238d 100644
--- a/www/.htaccess
+++ b/www/.htaccess
@@ -4,9 +4,6 @@ ErrorDocument 403 "Access forbidden"
 ErrorDocument 404 /cgi/main.py
 ErrorDocument 500 "A very nasty bug found his way onto this very server"
 
-# Work around for Safari
-Header set X-Content-Type-Options "nosniff"
-
 <Files ~ "\.(py|pyc|db|log)$">
 	deny from all
 </Files>