upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-06-09 00:32:29 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 31

Add sanitizers for JSON output

Browse source 
Those functions set proper content-types that prevent rendering of
data. Therefore it's safe to mark them as sanitizers.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
This commit is contained in:
Lukas Reschke 2020-12-11 21:23:11 +00:00 committed by GitHub
parent 9dd27f923e
commit 8a8aa4f7dc
2 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
lib/private/legacy/OC_API.php
View file

@ -43,6 +43,7 @@ class OC_API {
* respond to a call
* @param \OC\OCS\Result $result
* @param string $format the format xml|json
* @psalm-taint-escape html
*/
public static function respond($result, $format = 'xml') {
$request = \OC::$server->getRequest();

2
lib/private/legacy/OC_JSON.php
View file

@ -99,6 +99,7 @@ class OC_JSON {
* Send json error msg
* @deprecated Use a AppFramework JSONResponse instead
* @suppress PhanDeprecatedFunction
* @psalm-taint-escape html
*/
public static function error($data = []) {
$data['status'] = 'error';
@ -110,6 +111,7 @@ class OC_JSON {
* Send json success msg
* @deprecated Use a AppFramework JSONResponse instead
* @suppress PhanDeprecatedFunction
* @psalm-taint-escape html
*/
public static function success($data = []) {
$data['status'] = 'success';