Disable mimesniffing

author Lukas Reschke <lukas@statuscode.ch>

Sun, 1 Jul 2012 11:45:20 +0000 (13:45 +0200)

committer Lukas Reschke <lukas@statuscode.ch>

Sun, 1 Jul 2012 11:53:06 +0000 (13:53 +0200)
author Lukas Reschke <lukas@statuscode.ch>
Sun, 1 Jul 2012 11:45:20 +0000 (13:45 +0200)
committer Lukas Reschke <lukas@statuscode.ch>
Sun, 1 Jul 2012 11:53:06 +0000 (13:53 +0200)
diff --git a/lib/json.php b/lib/json.php

index dfc0a7b894e199187a3d9487c44094b6a431c302..de655ebf33a410c5092b0babdfec0e1d78654563 100644 (file)
--- a/lib/json.php
+++ b/lib/json.php
@@ -15,6 +15,8 @@ class OC_JSON{
                 if (!self::$send_content_type_header){
                         // We send json data
                         header( 'Content-Type: '.$type );
+                       // Force download
+                       header( 'Content-Disposition: attachment' );
                         self::$send_content_type_header = true;
                 }
         }
@@ -85,11 +87,11 @@ class OC_JSON{
         * Encode and print $data in json format
         */
         public static function encodedPrint($data,$setContentType=true){
-               if(!isset($_SERVER['PATH_INFO']) || $_SERVER['PATH_INFO'] == '') {
+                       // Disable mimesniffing, don't move this to setContentTypeHeader!
+                       header( 'X-Content-Type-Options: nosniff' );
                         if($setContentType){
                                 self::setContentTypeHeader();
                         }
                         echo json_encode($data);
-               }
         }
  }
author	Lukas Reschke <lukas@statuscode.ch>
	Sun, 1 Jul 2012 11:45:20 +0000 (13:45 +0200)
committer	Lukas Reschke <lukas@statuscode.ch>
	Sun, 1 Jul 2012 11:53:06 +0000 (13:53 +0200)