From b04d95b1160673dbaa80ce214f22e931e8c93178 Mon Sep 17 00:00:00 2001
From: Lukas Reschke <lukas@statuscode.ch>
Date: Sun, 13 Apr 2014 12:48:16 +0200
Subject: [PATCH] Remove uneeded usages of nosniff

---
 lib/private/json.php                             | 2 --
 lib/public/appframework/http/jsonresponse.php    | 1 -
 tests/lib/appframework/http/JSONResponseTest.php | 7 -------
 3 files changed, 10 deletions(-)

diff --git a/lib/private/json.php b/lib/private/json.php
index 4ccdb490a6..34f81c3b8c 100644
--- a/lib/private/json.php
+++ b/lib/private/json.php
@@ -119,8 +119,6 @@ class OC_JSON{
 	* Encode and print $data in json format
 	*/
 	public static function encodedPrint($data, $setContentType=true) {
-		// Disable mimesniffing, don't move this to setContentTypeHeader!
-		header( 'X-Content-Type-Options: nosniff' );
 		if($setContentType) {
 			self::setContentTypeHeader();
 		}
diff --git a/lib/public/appframework/http/jsonresponse.php b/lib/public/appframework/http/jsonresponse.php
index 6628c4514d..6d029b7464 100644
--- a/lib/public/appframework/http/jsonresponse.php
+++ b/lib/public/appframework/http/jsonresponse.php
@@ -49,7 +49,6 @@ class JSONResponse extends Response {
 	public function __construct($data=array(), $statusCode=Http::STATUS_OK) {
 		$this->data = $data;
 		$this->setStatus($statusCode);
-		$this->addHeader('X-Content-Type-Options', 'nosniff');
 		$this->addHeader('Content-type', 'application/json; charset=utf-8');
 	}
 
diff --git a/tests/lib/appframework/http/JSONResponseTest.php b/tests/lib/appframework/http/JSONResponseTest.php
index b9b7c7d638..fbaae1b922 100644
--- a/tests/lib/appframework/http/JSONResponseTest.php
+++ b/tests/lib/appframework/http/JSONResponseTest.php
@@ -79,13 +79,6 @@ class JSONResponseTest extends \PHPUnit_Framework_TestCase {
 		$this->assertEquals($expected, $this->json->render());
 	}
 
-
-	public function testShouldHaveXContentHeaderByDefault() {
-		$headers = $this->json->getHeaders();
-		$this->assertEquals('nosniff', $headers['X-Content-Type-Options']);
-	}
-
-
 	public function testConstructorAllowsToSetData() {
 		$data = array('hi');
 		$code = 300;
-- 
GitLab