XSS something

3 files changed, 5 insertions, 0 deletions

diff --git a/api/index.js b/api/index.js
index 33f3402..cb84d25 100755
--- a/api/index.js
+++ b/api/index.js
@@ -77,6 +77,7 @@ app.use(session({
 function genericaddtest(req,res){
     console.table(req.body)
     var myobj = req.body;
+    res.set('Content-Type', 'application/json');
     res.send(myobj);
 }
 // POST data
diff --git a/api/routes/getMrk/index.js b/api/routes/getMrk/index.js
index 7e48e1d..097f1f0 100644
--- a/api/routes/getMrk/index.js
+++ b/api/routes/getMrk/index.js
@@ -11,6 +11,7 @@ const config = require("../../config");
  */
 function fetchFmrk(mrk, res){
     const command = spawn("cat",[config.workDir+"/fmrk/"+mrk]);
+    res.set('Content-Type', 'application/json');
     command.stdout.on("data", data => {
     });
 
@@ -44,6 +45,7 @@ function fetchFmrk(mrk, res){
 };
 module.exports = (req, res) => {
     console.log(req.params)
+    res.set('Content-Type', 'application/json');
     if ( (req.params.mrk) && req.params.mrk.length === 128 ){
         regex= /[a-f0-9]{128}/;
         if (regex.test(req.params.mrk)){
diff --git a/api/routes/getTr/index.js b/api/routes/getTr/index.js
index c3c058f..a7acb55 100644
--- a/api/routes/getTr/index.js
+++ b/api/routes/getTr/index.js
@@ -24,6 +24,7 @@ function fetchFtr(tr, res){
 
     command.on("close", code => {
         console.log(`child process exited with code ${code}`);
+        res.set('Content-Type', 'application/json');
 
         if ( code === 0 ) {
             const path = config.workDir+"/ftr/"+tr;
@@ -44,6 +45,7 @@ function fetchFtr(tr, res){
 };
 module.exports = (req, res) => {
     console.log(req.params)
+    res.set('Content-Type', 'application/json');
     if ( (req.params.tr) && req.params.tr.length === 128 ){
         regex= /[a-f0-9]{128}/;
         if (regex.test(req.params.tr)){