From f2168738bd670763242cc12629ae601260d4b471 Mon Sep 17 00:00:00 2001 From: Roland Gruber Date: Sat, 16 Jan 2016 19:17:19 +0000 Subject: [PATCH] set correct content type for JSON requests --- lam/HISTORY | 3 ++- .../lib/141_jquery-validationEngine-lang.php | 6 ++++- lam/templates/misc/ajax.php | 24 +++++++++++++------ 3 files changed, 24 insertions(+), 9 deletions(-) diff --git a/lam/HISTORY b/lam/HISTORY index c056642c..5466ec25 100644 --- a/lam/HISTORY +++ b/lam/HISTORY @@ -5,7 +5,8 @@ March 2016 5.3 - Personal/Unix: support K5KEY hash type for smbk5pwd - New NIS netgroup module for hosts - fixed bugs: - -> autoload errors in tree view + -> Autoload errors in tree view + -> Set correct content type on JSON requests (174) - LAM Pro: -> Support for LDAP views based on nsview object class -> Password notification jobs support to print expiration date in email diff --git a/lam/templates/lib/141_jquery-validationEngine-lang.php b/lam/templates/lib/141_jquery-validationEngine-lang.php index db897559..e823deb1 100644 --- a/lam/templates/lib/141_jquery-validationEngine-lang.php +++ b/lam/templates/lib/141_jquery-validationEngine-lang.php @@ -4,7 +4,7 @@ $Id$ This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) Copyright (C) 2010 Cedric Dugas and Olivier Refalo - 2011 - 2015 Roland Gruber + 2011 - 2016 Roland Gruber This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -30,6 +30,10 @@ if (strtolower(session_module_name()) == 'files') { session_save_path(dirname(__FILE__) . '/../../sess'); } +if (!headers_sent()) { + header('Content-Type: application/json; charset=utf-8'); +} + @session_start(); setlanguage(); diff --git a/lam/templates/misc/ajax.php b/lam/templates/misc/ajax.php index e06748e0..1bbc9f8b 100644 --- a/lam/templates/misc/ajax.php +++ b/lam/templates/misc/ajax.php @@ -3,18 +3,18 @@ $Id$ This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) - Copyright (C) 2011 - 2015 Roland Gruber + Copyright (C) 2011 - 2016 Roland Gruber This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA @@ -53,14 +53,15 @@ lamAjax::handleRequest(); * Manages all AJAX requests. */ class lamAjax { - + /** * Manages an AJAX request. */ public static function handleRequest() { + lamAjax::setHeader(); // check token validateSecurityToken(false); - + if (isset($_GET['module']) && isset($_GET['scope']) && in_array($_GET['module'], getAvailableModules($_GET['scope']))) { if (isset($_GET['useContainer']) && ($_GET['useContainer'] == '1')) { if (!isset($_SESSION['account'])) die(); @@ -89,6 +90,15 @@ class lamAjax { } } + /** + * Sets JSON HTTP header. + */ + private function setHeader() { + if (!headers_sent()) { + header('Content-Type: application/json; charset=utf-8'); + } + } + /** * Manages a password change request on the edit account page. * @@ -98,7 +108,7 @@ class lamAjax { $return = $_SESSION['account']->setNewPassword($input); echo json_encode($return); } - + /** * Checks if a password is accepted by LAM's password policy. * @@ -109,7 +119,7 @@ class lamAjax { $result = checkPasswordStrength($password, null, null); echo json_encode(array("result" => $result)); } - + }