From fa7d4c2b3966f92963bdfd7ef0cc58659f475f64 Mon Sep 17 00:00:00 2001
From: Lukas Reschke <lukas@statuscode.ch>
Date: Sun, 1 Jul 2012 13:45:20 +0200
Subject: [PATCH] Disable mimesniffing

---
 lib/json.php | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/lib/json.php b/lib/json.php
index dfc0a7b894..de655ebf33 100644
--- a/lib/json.php
+++ b/lib/json.php
@@ -15,6 +15,8 @@ class OC_JSON{
 		if (!self::$send_content_type_header){
 			// We send json data
 			header( 'Content-Type: '.$type );
+			// Force download
+			header( 'Content-Disposition: attachment' );
 			self::$send_content_type_header = true;
 		}
 	}
@@ -85,11 +87,11 @@ class OC_JSON{
 	* Encode and print $data in json format
 	*/
 	public static function encodedPrint($data,$setContentType=true){
-		if(!isset($_SERVER['PATH_INFO']) || $_SERVER['PATH_INFO'] == '') {
+			// Disable mimesniffing, don't move this to setContentTypeHeader!
+			header( 'X-Content-Type-Options: nosniff' );
 			if($setContentType){
 				self::setContentTypeHeader();
 			}
 			echo json_encode($data);
-		}
 	}
 }
-- 
GitLab