]> BookStack Code Mirror - bookstack/blobdiff - app/Http/Controllers/Api/BookExportApiController.php
projects / bookstack / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Added safe mime sniffing to prevent serving HTML
[bookstack] / app / Http / Controllers / Api / BookExportApiController.php
diff --git a/app/Http/Controllers/Api/BookExportApiController.php b/app/Http/Controllers/Api/BookExportApiController.php
index c7d121f88636cec083594f2c5f376eb2f6e273b8..028bc3a817ebf726b358ca0f7b8d47f393695bf8 100644 (file)
--- a/app/Http/Controllers/Api/BookExportApiController.php
+++ b/app/Http/Controllers/Api/BookExportApiController.php
@@ -13,6 +13,7 @@ class BookExportApiController extends ApiController
     public function __construct(ExportFormatter $exportFormatter)
     {
         $this->exportFormatter = $exportFormatter;
+        $this->middleware('can:content-export');
     }
 
     /**
The core source code for the BookStack project.