[HttpFoundation] added a note about JSON responses as arrays (refs #6970)
This commit is contained in:
parent
6a18bfc130
commit
abb32a188e
@ -14,6 +14,12 @@ namespace Symfony\Component\HttpFoundation;
|
|||||||
/**
|
/**
|
||||||
* Response represents an HTTP response in JSON format.
|
* Response represents an HTTP response in JSON format.
|
||||||
*
|
*
|
||||||
|
* Note that this class does not force the returned JSON content to be an
|
||||||
|
* object. It is however recommended that you do return an object as it
|
||||||
|
* protects yourself against XSSI and JSON-JavaScript Hijacking.
|
||||||
|
*
|
||||||
|
* @see https://www.owasp.org/index.php/OWASP_AJAX_Security_Guidelines#Always_return_JSON_with_an_Object_on_the_outside
|
||||||
|
*
|
||||||
* @author Igor Wiedler <igor@wiedler.ch>
|
* @author Igor Wiedler <igor@wiedler.ch>
|
||||||
*/
|
*/
|
||||||
class JsonResponse extends Response
|
class JsonResponse extends Response
|
||||||
|
Reference in New Issue
Block a user