github/vesta
1
0
Fork 0
mirror of https://github.com/serghey-rodin/vesta.git synced 2025-07-05 20:41:51 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

JSON not JS brainfart

Browse source
This commit is contained in:
divinity76 2022-07-23 09:29:12 +02:00 committed by GitHub
parent 0682f7b10c
commit 7c4e9bad7d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
web/api/v1/upload/UploadHandler.php
View file

@ -1193,7 +1193,7 @@ class UploadHandler
}
if(!headers_sent()){
// this is the most likely/expected path.
header("Content-Type: text/javascript; charset=UTF-8");
header("Content-Type: application/json");
} else {
// html-encode json to prevent xss...
$json = htmlentities($json, ENT_QUOTES | ENT_SUBSTITUTE | ENT_DISALLOWED | ENT_HTML401);