diff --git a/csp.go b/csp.go
index 242619e..ac68d1a 100644
--- a/csp.go
+++ b/csp.go
@@ -5,9 +5,8 @@ import (
 )
 
 const (
-	cspHeader                = "Content-Security-Policy"
-	frameOptionsHeader       = "X-Frame-Options"
-	contentTypeOptionsHeader = "X-Content-Type-Options"
+	cspHeader          = "Content-Security-Policy"
+	frameOptionsHeader = "X-Frame-Options"
 )
 
 type csp struct {
@@ -27,7 +26,6 @@ func (c csp) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 	}
 
 	w.Header().Set(frameOptionsHeader, c.opts.frame)
-	w.Header().Set(contentTypeOptionsHeader, "nosniff")
 
 	c.h.ServeHTTP(w, r)
 }
diff --git a/csp_test.go b/csp_test.go
index 636272b..ae4c6db 100644
--- a/csp_test.go
+++ b/csp_test.go
@@ -11,7 +11,6 @@ import (
 var testCSPHeaders = map[string]string{
 	"Content-Security-Policy": "default-src 'none'; style-src 'self';",
 	"X-Frame-Options":         "SAMEORIGIN",
-	"X-Content-Type-Options":  "nosniff",
 }
 
 func TestContentSecurityPolicy(t *testing.T) {