aboutsummaryrefslogtreecommitdiffstats
path: root/mitmproxy/tools
diff options
context:
space:
mode:
Diffstat (limited to 'mitmproxy/tools')
-rw-r--r--mitmproxy/tools/web/app.py3
1 files changed, 3 insertions, 0 deletions
diff --git a/mitmproxy/tools/web/app.py b/mitmproxy/tools/web/app.py
index d04af430..4449a13c 100644
--- a/mitmproxy/tools/web/app.py
+++ b/mitmproxy/tools/web/app.py
@@ -8,6 +8,7 @@ from io import BytesIO
import tornado.web
import tornado.websocket
+import tornado.escape
from mitmproxy import contentviews
from mitmproxy import flow
from mitmproxy import flowfilter
@@ -95,6 +96,8 @@ class BasicAuth:
class RequestHandler(BasicAuth, tornado.web.RequestHandler):
def write(self, chunk):
+ # Writing arrays on the top level is ok nowadays.
+ # http://flask.pocoo.org/docs/0.11/security/#json-security
if isinstance(chunk, list):
chunk = tornado.escape.json_encode(chunk)
self.set_header("Content-Type", "application/json; charset=UTF-8")
generated by cgit v1.2.3 (git 2.25.1) at 2025-09-17 03:13:23 +0000