diff options
| author | Lukas Reschke <lukas@statuscode.ch> | 2012-07-01 13:45:20 +0200 |
|---|---|---|
| committer | Lukas Reschke <lukas@statuscode.ch> | 2012-07-01 13:45:20 +0200 |
| commit | 4e63981da9a02d8a6c2393ad6773edf558222530 (patch) | |
| tree | 7c8ed8afbec8db852b6134ec8de959cb95636327 /lib/json.php | |
| parent | b2cb7d54d16aa1ae5904b917b3d597763150d04d (diff) | |
| download | nextcloud-server-4e63981da9a02d8a6c2393ad6773edf558222530.tar.gz nextcloud-server-4e63981da9a02d8a6c2393ad6773edf558222530.zip | |
Disable mimesniffing
Diffstat (limited to 'lib/json.php')
| -rw-r--r-- | lib/json.php | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/lib/json.php b/lib/json.php index 4eab4fce9f6..7cd9ba371d7 100644 --- a/lib/json.php +++ b/lib/json.php @@ -15,6 +15,8 @@ class OC_JSON{ if (!self::$send_content_type_header){ // We send json data header( 'Content-Type: '.$type ); + // Force download + header( 'Content-Disposition: attachment' ); self::$send_content_type_header = true; } } @@ -94,12 +96,12 @@ class OC_JSON{ * Encode and print $data in json format */ public static function encodedPrint($data,$setContentType=true){ - if(!isset($_SERVER['PATH_INFO']) || $_SERVER['PATH_INFO'] == '') { + // Disable mimesniffing, don't move this to setContentTypeHeader! + header( 'X-Content-Type-Options: nosniff' ); if($setContentType){ self::setContentTypeHeader(); } array_walk_recursive($data, array('OC_JSON', 'to_string')); echo json_encode($data); - } } } |