docs: :mimetype:application/json

defuz 2014-11-05 07:43:00 +03:00
parent 663802e976
commit d4b9b9854c
6 changed files with 9 additions and 9 deletions

@ -161,8 +161,8 @@ and social engineers a victim to visiting his site:
If you know a bit of JavaScript internals you might know that it's
possible to patch constructors and register callbacks for setters. An
attacker can use this (like above) to get all the data you exported in
your JSON file. The browser will totally ignore the ``application/json``
mimetype if ``text/javascript`` is defined as content type in the script
your JSON file. The browser will totally ignore the :mimetype:`application/json`
mimetype if :mimetype:`text/javascript` is defined as content type in the script
tag and evaluate that as JavaScript. Because top-level array elements are
allowed (albeit useless) and we hooked in our own constructor, after that
page loaded the data from the JSON response is in the `captured` array.
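
Review bot: the last context line of this hunk still marks up `captured` with single backticks, so it goes through the reST default role instead of being an inline literal like the other code names in this paragraph. Since the two lines above are being moved to the explicit :mimetype: role for ``application/json`` and ``text/javascript``, consider changing that identifier to double backticks in the same pass so the paragraph's markup is consistent. The replaced text otherwise reads the same, so no wording change is needed around the new roles.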