Permalink
Browse files

fix(http): make sure all pages/JS/CSS sent with explicit UTF-8 charset

Fixes #9345
  • Loading branch information...
mrclay committed Feb 5, 2016
1 parent 332bac1 commit 3dab7d100641f5ad3e91353106e7bfd8693d63e0
@@ -346,9 +346,9 @@ public function ajaxForwardHook($hook, $reason, $return, $params) {
// however some browsers will not accept the JSON MIME type.
$http_accept = _elgg_services()->request->server->get('HTTP_ACCEPT');
if (stripos($http_accept, 'application/json') === false) {
- header("Content-type: text/plain");
+ header("Content-type: text/plain;charset=utf-8");
} else {
- header("Content-type: application/json");
+ header("Content-type: application/json;charset=utf-8");
}
echo json_encode($params);
@@ -191,11 +191,13 @@ protected function sendContentType($view) {
$segments = explode('/', $view, 2);
switch ($segments[0]) {
case 'css':
- header("Content-Type: text/css", true);
+ header("Content-Type: text/css;charset=utf-8");
break;
case 'js':
- header('Content-Type: text/javascript', true);
+ header('Content-Type: text/javascript;charset=utf-8');
break;
+ default:
+ header('Content-Type: text/html;charset=utf-8');
}
}
View
@@ -1510,10 +1510,10 @@ function _elgg_ajax_page_handler($segments) {
// Try to guess the mime-type
switch ($segments[1]) {
case "js":
- header("Content-Type: text/javascript");
+ header("Content-Type: text/javascript;charset=utf-8");
break;
case "css":
- header("Content-Type: text/css");
+ header("Content-Type: text/css;charset=utf-8");
break;
}
View
@@ -57,6 +57,9 @@
$router = _elgg_services()->router;
$request = _elgg_services()->request;
+// TODO use formal Response object instead
+header("Content-Type: text/html;charset=utf-8");
+
if (!$router->route($request)) {
forward('', '404');
}
@@ -8,7 +8,7 @@
* @uses $vars['body']
*/
-header("Content-Type: application/json");
+header("Content-Type: application/json;charset=utf-8");
echo $vars['body'];
@@ -31,8 +31,8 @@
// allow caching as required by stupid MS products for https feeds.
-header('Pragma: public', true);
-header("Content-Type: text/xml");
+header('Pragma: public');
+header("Content-Type: text/xml;charset=utf-8");
echo "<?xml version='1.0'?>";
echo <<<END

0 comments on commit 3dab7d1

Please sign in to comment.