Mark OembedAction, XrdAction, and (plugin) AutocompleteAction as read-only. Tweaked ApiStatusesShow and ApiTimelineUser to still claim read-only when hit with a HEAD request (usually link checkers or a precursor to a GET, and should be semantically equivalent to a GET without actually transferring data)
This commit is contained in:
parent
2ed1e9b126
commit
6c67114198
@ -165,7 +165,7 @@ class ApiStatusesShowAction extends ApiPrivateAuthAction
|
||||
}
|
||||
|
||||
/**
|
||||
* Is this action read only?
|
||||
* We expose AtomPub here, so non-GET/HEAD reqs must be read/write.
|
||||
*
|
||||
* @param array $args other arguments
|
||||
*
|
||||
@ -174,11 +174,7 @@ class ApiStatusesShowAction extends ApiPrivateAuthAction
|
||||
|
||||
function isReadOnly($args)
|
||||
{
|
||||
if ($_SERVER['REQUEST_METHOD'] == 'GET') {
|
||||
return true;
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
return ($_SERVER['REQUEST_METHOD'] == 'GET' || $_SERVER['REQUEST_METHOD'] == 'HEAD');
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -235,7 +235,7 @@ class ApiTimelineUserAction extends ApiBareAuthAction
|
||||
}
|
||||
|
||||
/**
|
||||
* Is this action read only?
|
||||
* We expose AtomPub here, so non-GET/HEAD reqs must be read/write.
|
||||
*
|
||||
* @param array $args other arguments
|
||||
*
|
||||
@ -244,11 +244,7 @@ class ApiTimelineUserAction extends ApiBareAuthAction
|
||||
|
||||
function isReadOnly($args)
|
||||
{
|
||||
if ($_SERVER['REQUEST_METHOD'] == 'GET') {
|
||||
return true;
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
return ($_SERVER['REQUEST_METHOD'] == 'GET' || $_SERVER['REQUEST_METHOD'] == 'HEAD');
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -215,4 +215,15 @@ class OembedAction extends Action
|
||||
return;
|
||||
}
|
||||
|
||||
/**
|
||||
* Is this action read-only?
|
||||
*
|
||||
* @param array $args other arguments
|
||||
*
|
||||
* @return boolean is read only action?
|
||||
*/
|
||||
function isReadOnly($args)
|
||||
{
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
@ -145,4 +145,16 @@ class XrdAction extends Action
|
||||
|
||||
return (substr($uri, 0, 5) == 'acct:');
|
||||
}
|
||||
|
||||
/**
|
||||
* Is this action read-only?
|
||||
*
|
||||
* @param array $args other arguments
|
||||
*
|
||||
* @return boolean is read only action?
|
||||
*/
|
||||
function isReadOnly($args)
|
||||
{
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
@ -165,4 +165,16 @@ class AutocompleteAction extends Action
|
||||
print json_encode($result) . "\n";
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Is this action read-only?
|
||||
*
|
||||
* @param array $args other arguments
|
||||
*
|
||||
* @return boolean is read only action?
|
||||
*/
|
||||
function isReadOnly($args)
|
||||
{
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user