From 4e63981da9a02d8a6c2393ad6773edf558222530 Mon Sep 17 00:00:00 2001
From: Lukas Reschke <lukas@statuscode.ch>
Date: Sun, 1 Jul 2012 13:45:20 +0200
Subject: [PATCH] Disable mimesniffing

---
 lib/json.php | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/lib/json.php b/lib/json.php
index 4eab4fce9f..7cd9ba371d 100644
--- a/lib/json.php
+++ b/lib/json.php
@@ -15,6 +15,8 @@ class OC_JSON{
 		if (!self::$send_content_type_header){
 			// We send json data
 			header( 'Content-Type: '.$type );
+			// Force download
+			header( 'Content-Disposition: attachment' );
 			self::$send_content_type_header = true;
 		}
 	}
@@ -94,12 +96,12 @@ class OC_JSON{
 	* Encode and print $data in json format
 	*/
 	public static function encodedPrint($data,$setContentType=true){
-		if(!isset($_SERVER['PATH_INFO']) || $_SERVER['PATH_INFO'] == '') {
+			// Disable mimesniffing, don't move this to setContentTypeHeader!
+			header( 'X-Content-Type-Options: nosniff' );
 			if($setContentType){
 				self::setContentTypeHeader();
 			}
 			array_walk_recursive($data, array('OC_JSON', 'to_string'));
 			echo json_encode($data);
-		}
 	}
 }
-- 
GitLab