WordPress.org

Make WordPress Core

Ticket #10671: 10671.diff

File 10671.diff, 827 bytes (added by chrisscott, 8 years ago)
  • wp-admin/admin-ajax.php

     
    2121
    2222require_once('includes/admin.php');
    2323@header('Content-Type: text/html; charset=' . get_option('blog_charset'));
     24@header( 'X-Content-Type-Options: nosniff' );
    2425
    2526do_action('admin_init');
    2627
  • wp-admin/index-extra.php

     
    1313require( 'includes/dashboard.php' );
    1414
    1515@header( 'Content-Type: ' . get_option( 'html_type' ) . '; charset=' . get_option( 'blog_charset' ) );
     16@header( 'X-Content-Type-Options: nosniff' );
    1617
    1718switch ( $_GET['jax'] ) {
    1819