mirror of
https://github.com/nextcloud/server.git
synced 2026-02-03 20:41:22 -05:00
f9e90e92d4
While not encoding the HTML tags in the JSON response is perfectly fine since we set the proper mimetype as well as disable content sniffing a lot of automated code scanner do report this as security bug. Encoding them leads to less discussions and a lot of saved time.
99 lines
2.5 KiB
PHP
99 lines
2.5 KiB
PHP
<?php
|
|
/**
|
|
* @author Bernhard Posselt <dev@bernhard-posselt.com>
|
|
* @author Morris Jobke <hey@morrisjobke.de>
|
|
* @author Thomas Müller <thomas.mueller@tmit.eu>
|
|
* @author Thomas Tanghus <thomas@tanghus.net>
|
|
*
|
|
* @copyright Copyright (c) 2015, ownCloud, Inc.
|
|
* @license AGPL-3.0
|
|
*
|
|
* This code is free software: you can redistribute it and/or modify
|
|
* it under the terms of the GNU Affero General Public License, version 3,
|
|
* as published by the Free Software Foundation.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU Affero General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU Affero General Public License, version 3,
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
|
*
|
|
*/
|
|
|
|
/**
|
|
* Public interface of ownCloud for apps to use.
|
|
* AppFramework\HTTP\JSONResponse class
|
|
*/
|
|
|
|
namespace OCP\AppFramework\Http;
|
|
|
|
use OCP\AppFramework\Http;
|
|
|
|
/**
|
|
* A renderer for JSON calls
|
|
* @since 6.0.0
|
|
*/
|
|
class JSONResponse extends Response {
|
|
|
|
/**
|
|
* response data
|
|
* @var array|object
|
|
*/
|
|
protected $data;
|
|
|
|
|
|
/**
|
|
* constructor of JSONResponse
|
|
* @param array|object $data the object or array that should be transformed
|
|
* @param int $statusCode the Http status code, defaults to 200
|
|
* @since 6.0.0
|
|
*/
|
|
public function __construct($data=array(), $statusCode=Http::STATUS_OK) {
|
|
$this->data = $data;
|
|
$this->setStatus($statusCode);
|
|
$this->addHeader('Content-Type', 'application/json; charset=utf-8');
|
|
}
|
|
|
|
|
|
/**
|
|
* Returns the rendered json
|
|
* @return string the rendered json
|
|
* @since 6.0.0
|
|
* @throws \Exception If data could not get encoded
|
|
*/
|
|
public function render() {
|
|
$response = json_encode($this->data, JSON_HEX_TAG);
|
|
if($response === false) {
|
|
throw new \Exception(sprintf('Could not json_encode due to invalid ' .
|
|
'non UTF-8 characters in the array: %s', var_export($this->data, true)));
|
|
}
|
|
|
|
return $response;
|
|
}
|
|
|
|
/**
|
|
* Sets values in the data json array
|
|
* @param array|object $data an array or object which will be transformed
|
|
* to JSON
|
|
* @return JSONResponse Reference to this object
|
|
* @since 6.0.0 - return value was added in 7.0.0
|
|
*/
|
|
public function setData($data){
|
|
$this->data = $data;
|
|
|
|
return $this;
|
|
}
|
|
|
|
|
|
/**
|
|
* Used to get the set parameters
|
|
* @return array the data
|
|
* @since 6.0.0
|
|
*/
|
|
public function getData(){
|
|
return $this->data;
|
|
}
|
|
|
|
}
|