$jsonp_enabled =
apply_filters( 'rest_jsonp_enabled', true
);
$jsonp_callback = false;
if ( isset( $_GET['_jsonp'
] ) ) { $jsonp_callback =
$_GET['_jsonp'
];
} $content_type =
( $jsonp_callback &&
$jsonp_enabled ) ? 'application/javascript' : 'application/json';
$this->
send_header( 'Content-Type',
$content_type . '; charset=' .
get_option( 'blog_charset'
) );
$this->
send_header( 'X-Robots-Tag', 'noindex'
);
$api_root =
get_rest_url();
if ( !
empty( $api_root ) ) { $this->
send_header( 'Link', '<' .
sanitize_url( $api_root ) . '>; rel="https://api.w.org/"'
);
} /*
* Mitigate possible JSONP Flash attacks.
*
* https://miki.it/blog/2014/7/8/abusing-jsonp-with-rosetta-flash/
*/