This is an automated email from the ASF dual-hosted git repository.
jleroux pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git
commit ae3ae266986e238ceb9a68fcd53af319a691e2f2
Author: Jacques Le Roux <jacques.le.r...@les7arts.com>
AuthorDate: Thu Mar 26 12:12:37 2020 +0100
Improved: type="text/css" was missing on a call to <<link
rel="stylesheet/less>>
This was reported by OWASP ZAP: "The Content-Type header is missing or
empty."
Considered a low vulnerability
---
themes/rainbowstone/template/includes/Header.ftl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/themes/rainbowstone/template/includes/Header.ftl
b/themes/rainbowstone/template/includes/Header.ftl
index 93a8500..71ba16f 100644
--- a/themes/rainbowstone/template/includes/Header.ftl
+++ b/themes/rainbowstone/template/includes/Header.ftl
@@ -46,7 +46,7 @@ under the License.
<link rel="stylesheet/less"
href="<@ofbizContentUrl>${StringUtil.wrapString(styleSheet)}</@ofbizContentUrl>"
type="text/css"/>
</#list>
</#if>
- <link rel="stylesheet/less"
href="<@ofbizContentUrl>/rainbowstone/${visualTheme.visualThemeId?replace("_","-")?lower_case}.less</@ofbizContentUrl>"/>
+ <link rel="stylesheet/less"
href="<@ofbizContentUrl>/rainbowstone/${visualTheme.visualThemeId?replace("_","-")?lower_case}.less</@ofbizContentUrl>"
type="text/css"/>
<#if layoutSettings.VT_HDR_JAVASCRIPT?has_content>
<#list layoutSettings.VT_HDR_JAVASCRIPT as javaScript>
<script
src="<@ofbizContentUrl>${StringUtil.wrapString(javaScript)}</@ofbizContentUrl>"
type="application/javascript"></script>
