Closed jdub233 closed 7 years ago
Hi @jdub233, Thank you for contributing this pull request! Please sign the Kaltura CLA so we can review and merge your contribution. Learn more at http://bit.ly/KalturaContrib
Thanks, I've signed the Kaltura CLA.
Thanks @jdub233
The native wp_send_json function correctly sets the Content-Type header to
application/json
rather thantext/html
. This is important for a couple of reasons:Without the correct content type header, any tools that might be automatically scanning output can see the embedded body tag and consider the payload to be a web page. For example, an application monitoring tool like Newrelic is designed to scan all outgoing web pages and inject a performance monitoring javascript after the body tag. The injected script will render the JSON un-parseable and prevents the video players from loading.
Setting the content type correctly will let any injection scanners know that they shouldn’t interfere with the JSON data stream.