Closed rvanlaar closed 6 years ago
Merging #37 into master will not change coverage. The diff coverage is
n/a
.
@@ Coverage Diff @@
## master #37 +/- ##
=======================================
Coverage 92.13% 92.13%
=======================================
Files 6 6
Lines 229 229
=======================================
Hits 211 211
Misses 18 18
Impacted Files | Coverage Δ | |
---|---|---|
tinymce/views.py | 86.88% <ø> (ø) |
:arrow_up: |
Continue to review full report at Codecov.
Legend - Click here to learn more
Δ = absolute <relative> (impact)
,ø = not affected
,? = missing data
Powered by Codecov. Last update 817d298...c6794ae. Read the comment docs.
I don't see these changes as necessary. Content-Type: application/json
assumes UTF-8 by definition and other endpoints do not return any characters beyond good old 7-bit ASCII.
The content type for application/json
is supposed to be unicode.
For application/javascript
its not. I can be anything. The browser sniffs it itself.
We had a security audit of our application and this was one of the recommended fixes. To specify the charset on all javascript files to make sure there are no unintended consequences.
See a similar ticket for Django: https://code.djangoproject.com/ticket/29511
Technically, there is no such thing as "Unicode" encoding. There are several encodings for binary representation of Unicode codepoints, and UTF-8 is considered the de facto standard. Anyway, I don't have any objections against adding charsets for javascript and css endpoints. Thank you for your contribution.
Sets charset to utf-8. This helps browsers understand which encoding they must use.