WordPress.org

Make WordPress Core

Ticket #10671: 10671.diff

File 10671.diff, 827 bytes (added by chrisscott, 4 years ago)
  • wp-admin/admin-ajax.php

     
    2121 
    2222require_once('includes/admin.php'); 
    2323@header('Content-Type: text/html; charset=' . get_option('blog_charset')); 
     24@header( 'X-Content-Type-Options: nosniff' ); 
    2425 
    2526do_action('admin_init'); 
    2627 
  • wp-admin/index-extra.php

     
    1313require( 'includes/dashboard.php' ); 
    1414 
    1515@header( 'Content-Type: ' . get_option( 'html_type' ) . '; charset=' . get_option( 'blog_charset' ) ); 
     16@header( 'X-Content-Type-Options: nosniff' ); 
    1617 
    1718switch ( $_GET['jax'] ) { 
    1819