Is your feature request related to a problem? Please describe.
A security scanner reported the vulnerability Web Server Misconfiguration: Insecure Content-Type Setting because plone.restapi responses do not include the charset specification in the Content-Type header. Currently, responses return content-type:application/json without charset, which can lead to potential Cross-Site Scripting vulnerabilities due to incorrect interpretation of the character encoding.
Describe the solution you'd like
I would like plone.restapi to automatically include the charset specification in all JSON responses. The Content-Type header should be:
content-type: application/json; charset=utf-8
Is your feature request related to a problem? Please describe.
A security scanner reported the vulnerability
Web Server Misconfiguration: Insecure Content-Type Settingbecauseplone.restapiresponses do not include the charset specification in the Content-Type header. Currently, responses returncontent-type:application/jsonwithout charset, which can lead to potential Cross-Site Scripting vulnerabilities due to incorrect interpretation of the character encoding.Describe the solution you'd like
I would like
plone.restapito automatically include the charset specification in all JSON responses. The Content-Type header should be: