diff --git a/lib/router.auth.js b/lib/router.auth.js
index 32a3ad547..004998844 100644
--- a/lib/router.auth.js
+++ b/lib/router.auth.js
@@ -240,6 +240,8 @@ module.exports = function (app) {
                     console.log("logoutAction error", err);
                 }
             });
+        } else {
+            console.log("[warning] logout attempt with undefined res.session!");
         }
         // Redirect to login page, must be on same CORS domain (public_url must be == public_url)...
         res.redirect(app_config.public_url);
diff --git a/lib/router.js b/lib/router.js
index a6054e09f..9a6fffbdb 100644
--- a/lib/router.js
+++ b/lib/router.js
@@ -56,6 +56,9 @@ module.exports = function (app) {
 
   app.all("/*", function (req, res, next) {
 
+    // Default content-type, may be overridden later by Util.responder and others
+    res.header("Content-Type", "text/html; charset=utf-8");
+
     //
     // JWT Key Authentication
     //
diff --git a/lib/thinx/util.js b/lib/thinx/util.js
index e78557ea5..f8234eb09 100644
--- a/lib/thinx/util.js
+++ b/lib/thinx/util.js
@@ -92,6 +92,7 @@ module.exports = class Util {
     } else if (typeOf(object) == "string") {
       res.end(object);
     } else {
+      if (typeof (res.header) === "function") res.header("Content-Type", "application/json; charset=utf-8");
       res.end(JSON.stringify(object));
     }
   }