1 files changed, 2 insertions, 2 deletions

diff --git a/itjs.class b/itjs.class
index 45617e8..e49f98f 100644
--- a/itjs.class
+++ b/itjs.class
@@ -21,7 +21,7 @@ class itjs
  */
 function send_headers()
 {
-	if (!preg_match('/Opera/', $_SERVER['HTTP_USER_AGENT']))	# text/plain breaks Opera 8.51/Linux
+	if (!preg_match('/Opera/', $_SERVER['HTTP_USER_AGENT']) && !$_REQUEST['itjs_call'])	# text/plain breaks Opera 8.51/Linux and IFrame fallback
 		header('Content-Type: text/plain; charset=iso-8859-1');	# Berni reported some Firewalls to require this
 
 	header('Expires: ' . gmdate('D, d M Y H:i:s', time()+10) . ' GMT');	# prevent broken data on IE reloads
@@ -35,7 +35,7 @@ function send_headers()
  */
 function serialize($values)
 {
-	if ($callback = $_REQUEST['itjs_call'])
+	if ($callback = it::replace('[^\w.]' => "", $_REQUEST['itjs_call']))
 	{
 		$header = "<script type='text/javascript'>$callback(";
 		$footer = "," . intval($_REQUEST['itjs_callid']) . ")</script>";