diff options
author | Benaka Moorthi <benaka.moorthi@gmail.com> | 2013-06-19 10:40:05 +0400 |
---|---|---|
committer | Benaka Moorthi <benaka.moorthi@gmail.com> | 2013-06-19 10:40:05 +0400 |
commit | e8ec08565cf6975c57323fa3eb2535b664f6b8b7 (patch) | |
tree | 687f35ab83502159b1bbdd8a96cdaa28cf8fa78e /plugins/Dashboard/Controller.php | |
parent | f9af4b22914721e71f9f430ffa00be8a2d156158 (diff) |
Make sure 'Content-Type: application/json' is sent w/ default result of Dashboard.getAllDashboards controller action and use $.text for untrusted content in three places in dashboard.js.
Diffstat (limited to 'plugins/Dashboard/Controller.php')
-rw-r--r-- | plugins/Dashboard/Controller.php | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/plugins/Dashboard/Controller.php b/plugins/Dashboard/Controller.php index 0fdbba275f..b9e84b891b 100644 --- a/plugins/Dashboard/Controller.php +++ b/plugins/Dashboard/Controller.php @@ -153,8 +153,11 @@ class Piwik_Dashboard_Controller extends Piwik_Controller public function getAllDashboards() { $this->checkTokenInUrl(); + if (Piwik::isUserIsAnonymous()) { + Piwik_DataTable_Renderer_Json::sendHeaderJSON(); echo '[]'; + return; } |