Commit db9765b4 authored by Lukas Reschke's avatar Lukas Reschke
Browse files

Merge headers

Otherwise the headers from `JSONResponse` are gone and the Content-Type of the response would be `text/html` instead of `application/json; charset=utf-8`. This leads to broken scripts since we set the `nosniff` tag, furthermore this is very bad from a security PoV.
parent e9f0b300
......@@ -70,7 +70,7 @@ abstract class Controller {
$data->getData(),
$data->getStatus()
);
$response->setHeaders($data->getHeaders());
$response->setHeaders(array_merge($data->getHeaders(), $response->getHeaders()));
return $response;
} else {
return new JSONResponse($data);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment