diogo
/
symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[HttpKernel] Revert BC breaking change of Request::isMethodSafe()

This commit is contained in:
Nicolas Grekas 2016-11-23 13:49:06 +01:00
parent 30d161c0ae
commit 0c3b7d7b8d
6 changed files with 16 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/Symfony/Component/HttpFoundation/BinaryFileResponse.php
View File

@ -190,7 +190,7 @@ class BinaryFileResponse extends Response
if (!$this->headers->has('Accept-Ranges')) {
// Only accept ranges on safe HTTP methods
$this->headers->set('Accept-Ranges', $request->isMethodSafe() ? 'bytes' : 'none');
$this->headers->set('Accept-Ranges', $request->isMethodSafe(false) ? 'bytes' : 'none');
}
if (!$this->headers->has('Content-Type')) {

6
src/Symfony/Component/HttpFoundation/Request.php
View File

@ -1466,11 +1466,13 @@ class Request
/**
* Checks whether the method is safe or not.
*
* @param bool $andCacheable Adds the additional condition that the method should be cacheable. True by default.
*
* @return bool
*/
public function isMethodSafe()
public function isMethodSafe(/* $andCacheable = true */)
{
return in_array($this->getMethod(), array('GET', 'HEAD', 'OPTIONS', 'TRACE'));
return in_array($this->getMethod(), 0 < func_num_args() && !func_get_arg(0) ? array('GET', 'HEAD', 'OPTIONS', 'TRACE') : array('GET', 'HEAD'));
}
/**

9
src/Symfony/Component/HttpFoundation/Tests/RequestTest.php
View File

@ -1929,7 +1929,7 @@ class RequestTest extends \PHPUnit_Framework_TestCase
{
$request = new Request();
$request->setMethod($method);
$this->assertEquals($safe, $request->isMethodSafe());
$this->assertEquals($safe, $request->isMethodSafe(false));
}
public function methodSafeProvider()
@ -1948,6 +1948,13 @@ class RequestTest extends \PHPUnit_Framework_TestCase
);
}
public function testMethodSafeChecksCacheable()
{
$request = new Request();
$request->setMethod('OPTION');
$this->assertFalse($request->isMethodSafe());
}
/**
* @dataProvider methodCacheableProvider
*/

2
src/Symfony/Component/HttpKernel/EventListener/FragmentListener.php
View File

@ -81,7 +81,7 @@ class FragmentListener implements EventSubscriberInterface
protected function validateRequest(Request $request)
{
// is the Request safe?
if (!$request->isMethodSafe()) {
if (!$request->isMethodSafe(false)) {
throw new AccessDeniedHttpException();
}

2
src/Symfony/Component/HttpKernel/HttpCache/HttpCache.php
View File

@ -202,7 +202,7 @@ class HttpCache implements HttpKernelInterface, TerminableInterface
}
$this->traces[$request->getMethod().' '.$path] = array();
if (!$request->isMethodSafe()) {
if (!$request->isMethodSafe(false)) {
$response = $this->invalidate($request, $catch);
} elseif ($request->headers->has('expect') || !$request->isMethodCacheable()) {
$response = $this->pass($request, $catch);

2
src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php
View File

@ -209,7 +209,7 @@ class ExceptionListener
protected function setTargetPath(Request $request)
{
// session isn't required when using HTTP basic authentication mechanism for example
if ($request->hasSession() && $request->isMethodSafe() && !$request->isXmlHttpRequest()) {
if ($request->hasSession() && $request->isMethodSafe(false) && !$request->isXmlHttpRequest()) {
$request->getSession()->set('_security.'.$this->providerKey.'.target_path', $request->getUri());
}
}