Changeset 37674 for trunk/src/wp-includes/rest-api/class-wp-rest-server.php
- Timestamp:
- 06/10/2016 04:49:09 AM (9 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-includes/rest-api/class-wp-rest-server.php
r37646 r37674 231 231 * Mitigate possible JSONP Flash attacks. 232 232 * 233 * http ://miki.it/blog/2014/7/8/abusing-jsonp-with-rosetta-flash/233 * https://miki.it/blog/2014/7/8/abusing-jsonp-with-rosetta-flash/ 234 234 */ 235 235 $this->send_header( 'X-Content-Type-Options', 'nosniff' ); … … 390 390 if ( $jsonp_callback ) { 391 391 // Prepend '/**/' to mitigate possible JSONP Flash attacks 392 // http ://miki.it/blog/2014/7/8/abusing-jsonp-with-rosetta-flash/392 // https://miki.it/blog/2014/7/8/abusing-jsonp-with-rosetta-flash/ 393 393 echo '/**/' . $jsonp_callback . '(' . $result . ')'; 394 394 } else {
Note: See TracChangeset
for help on using the changeset viewer.