Disable mimesniffing

author Lukas Reschke <lukas@statuscode.ch>

Sun, 1 Jul 2012 11:45:20 +0000 (13:45 +0200)

committer Lukas Reschke <lukas@statuscode.ch>

Sun, 1 Jul 2012 11:45:20 +0000 (13:45 +0200)
author Lukas Reschke <lukas@statuscode.ch>
Sun, 1 Jul 2012 11:45:20 +0000 (13:45 +0200)
committer Lukas Reschke <lukas@statuscode.ch>
Sun, 1 Jul 2012 11:45:20 +0000 (13:45 +0200)
diff --git a/lib/json.php b/lib/json.php

index 4eab4fce9f6e5700d9c7ba44bc3f11a76d0ca193..7cd9ba371d75464f3f583d2e3de6ca4c43bdefbc 100644 (file)
--- a/lib/json.php
+++ b/lib/json.php
@@ -15,6 +15,8 @@ class OC_JSON{
                 if (!self::$send_content_type_header){
                         // We send json data
                         header( 'Content-Type: '.$type );
+                       // Force download
+                       header( 'Content-Disposition: attachment' );
                         self::$send_content_type_header = true;
                 }
         }
@@ -94,12 +96,12 @@ class OC_JSON{
         * Encode and print $data in json format
         */
         public static function encodedPrint($data,$setContentType=true){
-               if(!isset($_SERVER['PATH_INFO']) || $_SERVER['PATH_INFO'] == '') {
+                       // Disable mimesniffing, don't move this to setContentTypeHeader!
+                       header( 'X-Content-Type-Options: nosniff' );
                         if($setContentType){
                                 self::setContentTypeHeader();
                         }
                         array_walk_recursive($data, array('OC_JSON', 'to_string'));
                         echo json_encode($data);
-               }
         }
  }
author	Lukas Reschke <lukas@statuscode.ch>
	Sun, 1 Jul 2012 11:45:20 +0000 (13:45 +0200)
committer	Lukas Reschke <lukas@statuscode.ch>
	Sun, 1 Jul 2012 11:45:20 +0000 (13:45 +0200)