Explorar o código

setting content type to fix possible XSS attack vector

Serghey Rodin %!s(int64=6) %!d(string=hai) anos
pai
achega
c28c5d29a3
Modificáronse 1 ficheiros con 1 adicións e 1 borrados
  1. 1 1
      web/file_manager/fm_api.php

+ 1 - 1
web/file_manager/fm_api.php

@@ -1,8 +1,8 @@
 <?php
 <?php
-
 // Init
 // Init
 //error_reporting(NULL);
 //error_reporting(NULL);
 
 
+header('Content-Type: application/json');
 
 
 include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
 include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
 include($_SERVER['DOCUMENT_ROOT']."/file_manager/fm_core.php");
 include($_SERVER['DOCUMENT_ROOT']."/file_manager/fm_core.php");