From 4a179dfad982decf354abd83d5ff8e36527ecced Mon Sep 17 00:00:00 2001 From: Alexander Ebert Date: Sun, 24 May 2015 18:41:44 +0200 Subject: [PATCH] Rejecting response if content-type mismatches in WoltLab/WCF/Ajax/Request --- wcfsetup/install/files/js/WoltLab/WCF/Ajax/Request.js | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/wcfsetup/install/files/js/WoltLab/WCF/Ajax/Request.js b/wcfsetup/install/files/js/WoltLab/WCF/Ajax/Request.js index aa5c0b37a0..78039062d4 100644 --- a/wcfsetup/install/files/js/WoltLab/WCF/Ajax/Request.js +++ b/wcfsetup/install/files/js/WoltLab/WCF/Ajax/Request.js @@ -22,6 +22,7 @@ define(['Core', 'Language', 'DOM/ChangeListener', 'DOM/Util', 'UI/Dialog', 'Wolt this._options = Core.extend({ // request data data: {}, + responseType: 'application/json', type: 'POST', url: '', @@ -87,7 +88,13 @@ define(['Core', 'Language', 'DOM/ChangeListener', 'DOM/Util', 'UI/Dialog', 'Wolt this._xhr.onload = function() { if (this.readyState === XMLHttpRequest.DONE) { if (this.status >= 200 && this.status < 300 || this.status === 304) { - self._success(this, options); + if (options.responseType && options.responseType !== this.getResponseHeader('Content-Type')) { + // request succeeded but invalid response type + self._failure(this, options); + } + else { + self._success(this, options); + } } else { self._failure(this, options); -- 2.20.1