during some investigation of the Umbraco codebase I noticed some weird output in calls to the provisioning endpoints such as /install/api/PostPerformInstall. The response started with the characters )]}', simply a bunch of unwanted closing tags since there are no opening tags.
Investigation of the codebase led to the AngularJsonMediaTypeFormatter class, which does this:
using (StreamWriter writer = new StreamWriter(writeStream, encoding))
{
writer.Write(")]}',\n");
writer.Flush();
return base.WriteToStreamAsync(type, value, writeStream, content, transportContext);
}
Given that is a bad practice of writing closing tags without doing the opening tags in the same method, I thought I'd report this issue here.
AngularJsonMediaTypeFormatter generates invalid JSON responses
Hi,
during some investigation of the Umbraco codebase I noticed some weird output in calls to the provisioning endpoints such as /install/api/PostPerformInstall. The response started with the characters )]}', simply a bunch of unwanted closing tags since there are no opening tags. Investigation of the codebase led to the AngularJsonMediaTypeFormatter class, which does this:
Given that is a bad practice of writing closing tags without doing the opening tags in the same method, I thought I'd report this issue here.
Regards,
Wouter
Hi Wouter,
this attribute is used to prevent vulnerabilitie attacks when using json with angularjs.
What it does is indeed prepent the response with some characters, but Angularjs will strip these.
Read more about it here: AngularJS $http under Security Considerations.
Hope this helps.
/Michaël
Nice! Thanks. Something new to learn every day!
Wouter
No problem!
Have a nice day
/Michaël
Hi,
how can i disable it? In some reasons i dont want to have it as response. Is there another Formater for V9, so i dont need create my own?
is working on a reply...