feat: replace file content type to avoid load script in svg. (#16454)

Signed-off-by: -LAN- <laipz8200@outlook.com>

api/controllers/files/image_preview.py

@@ -75,6 +75,7 @@ class FilePreviewApi(Resource):
         if args["as_attachment"]:
             encoded_filename = quote(upload_file.name)
             response.headers["Content-Disposition"] = f"attachment; filename*=UTF-8''{encoded_filename}"
+        response.headers["Content-Type"] = "application/octet-stream"
 
         return response