The current http header sent with each reply on '/ajax/ajax_facets/refresh' sets the http content type as text/html.

When a Drupal project using ajax facets sits behind a Web Application Firewall this causes issues (WAF).

The WAF sees the 'text/html' header and escapes json elements and injects html/body elements into the response.

Adding "header('Content-Type: application/json');" before the json is printed out rectifies the issue.

Comments

willemviljoen created an issue. See original summary.

  • eugene.ilyin committed abedcf1 on 7.x-3.x
    Issue #2776555: WAF issues on incorrect HTTP content type header
    
eugene.ilyin’s picture

Great. I agree with you. Committed.

eugene.ilyin’s picture

Status: Active » Fixed

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.