Those functions set proper content-types that prevent rendering of
data. Therefore it's safe to mark them as sanitizers.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* respond to a call
* @param \OC\OCS\Result $result
* @param string $format the format xml|json
+ * @psalm-taint-escape html
*/
public static function respond($result, $format = 'xml') {
$request = \OC::$server->getRequest();
* Send json error msg
* @deprecated Use a AppFramework JSONResponse instead
* @suppress PhanDeprecatedFunction
+ * @psalm-taint-escape html
*/
public static function error($data = []) {
$data['status'] = 'error';
* Send json success msg
* @deprecated Use a AppFramework JSONResponse instead
* @suppress PhanDeprecatedFunction
+ * @psalm-taint-escape html
*/
public static function success($data = []) {
$data['status'] = 'success';