WordPress.org

Make WordPress Core

Ticket #10671: admin-ajax.diff

File admin-ajax.diff, 470 bytes (added by niallkennedy, 9 years ago)

Admin ajax processor with sniff opt-out HTTP header.

  • admin-ajax.php

     
    1717require_once('../wp-load.php');
    1818require_once('includes/admin.php');
    1919@header('Content-Type: text/html; charset=' . get_option('blog_charset'));
     20@header('X-Content-Type-Options: nosniff'); // assert MIME type, disabling content sniffing in supporting browsers
    2021
    2122do_action('admin_init');
    2223