mirror of https://github.com/MISP/MISP
Additionnal protection against XSS, the response type defaults to html while it should be JSON. (#6118)
parent
c161e25372
commit
4f8140cd33
|
@ -342,7 +342,7 @@ class UserSettingsController extends AppController
|
|||
)
|
||||
);
|
||||
$result = $this->UserSetting->setSetting($this->Auth->user(), $setting);
|
||||
return $this->RestResponse->saveSuccessResponse('UserSettings', 'setHomePage', false, $this->response->type(), 'Homepage set to ' . $this->request->data['path']);
|
||||
return $this->RestResponse->saveSuccessResponse('UserSettings', 'setHomePage', false, 'json', 'Homepage set to ' . $this->request->data['path']);
|
||||
} else {
|
||||
$this->layout = false;
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue