From 2ff16f86c06053884b7643d18c65a579fa656112 Mon Sep 17 00:00:00 2001
From: Nicolas Grekas <nicolas.grekas@gmail.com>
Date: Thu, 31 Oct 2024 11:54:54 +0100
Subject: [PATCH] Fix XSS in example event dispatcher

---
 event_dispatcher.rst | 1 +
 1 file changed, 1 insertion(+)

diff --git a/event_dispatcher.rst b/event_dispatcher.rst
index ab3428f6cb0..0a41064ad79 100644
--- a/event_dispatcher.rst
+++ b/event_dispatcher.rst
@@ -41,6 +41,7 @@ The most common way to listen to an event is to register an **event listener**::
             // Customize your response object to display the exception details
             $response = new Response();
             $response->setContent($message);
+            $response->headers->set('Content-Type', 'text/plain; charset=utf-8');
 
             // HttpExceptionInterface is a special type of exception that
             // holds status code and header details