[HttpKernel] Revert BC breaking change of Request::isMethodSafe()
This commit is contained in:
parent
30d161c0ae
commit
0c3b7d7b8d
|
@ -190,7 +190,7 @@ class BinaryFileResponse extends Response
|
|||
|
||||
if (!$this->headers->has('Accept-Ranges')) {
|
||||
// Only accept ranges on safe HTTP methods
|
||||
$this->headers->set('Accept-Ranges', $request->isMethodSafe() ? 'bytes' : 'none');
|
||||
$this->headers->set('Accept-Ranges', $request->isMethodSafe(false) ? 'bytes' : 'none');
|
||||
}
|
||||
|
||||
if (!$this->headers->has('Content-Type')) {
|
||||
|
|
|
@ -1466,11 +1466,13 @@ class Request
|
|||
/**
|
||||
* Checks whether the method is safe or not.
|
||||
*
|
||||
* @param bool $andCacheable Adds the additional condition that the method should be cacheable. True by default.
|
||||
*
|
||||
* @return bool
|
||||
*/
|
||||
public function isMethodSafe()
|
||||
public function isMethodSafe(/* $andCacheable = true */)
|
||||
{
|
||||
return in_array($this->getMethod(), array('GET', 'HEAD', 'OPTIONS', 'TRACE'));
|
||||
return in_array($this->getMethod(), 0 < func_num_args() && !func_get_arg(0) ? array('GET', 'HEAD', 'OPTIONS', 'TRACE') : array('GET', 'HEAD'));
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
@ -1929,7 +1929,7 @@ class RequestTest extends \PHPUnit_Framework_TestCase
|
|||
{
|
||||
$request = new Request();
|
||||
$request->setMethod($method);
|
||||
$this->assertEquals($safe, $request->isMethodSafe());
|
||||
$this->assertEquals($safe, $request->isMethodSafe(false));
|
||||
}
|
||||
|
||||
public function methodSafeProvider()
|
||||
|
@ -1948,6 +1948,13 @@ class RequestTest extends \PHPUnit_Framework_TestCase
|
|||
);
|
||||
}
|
||||
|
||||
public function testMethodSafeChecksCacheable()
|
||||
{
|
||||
$request = new Request();
|
||||
$request->setMethod('OPTION');
|
||||
$this->assertFalse($request->isMethodSafe());
|
||||
}
|
||||
|
||||
/**
|
||||
* @dataProvider methodCacheableProvider
|
||||
*/
|
||||
|
|
|
@ -81,7 +81,7 @@ class FragmentListener implements EventSubscriberInterface
|
|||
protected function validateRequest(Request $request)
|
||||
{
|
||||
// is the Request safe?
|
||||
if (!$request->isMethodSafe()) {
|
||||
if (!$request->isMethodSafe(false)) {
|
||||
throw new AccessDeniedHttpException();
|
||||
}
|
||||
|
||||
|
|
|
@ -202,7 +202,7 @@ class HttpCache implements HttpKernelInterface, TerminableInterface
|
|||
}
|
||||
$this->traces[$request->getMethod().' '.$path] = array();
|
||||
|
||||
if (!$request->isMethodSafe()) {
|
||||
if (!$request->isMethodSafe(false)) {
|
||||
$response = $this->invalidate($request, $catch);
|
||||
} elseif ($request->headers->has('expect') || !$request->isMethodCacheable()) {
|
||||
$response = $this->pass($request, $catch);
|
||||
|
|
|
@ -209,7 +209,7 @@ class ExceptionListener
|
|||
protected function setTargetPath(Request $request)
|
||||
{
|
||||
// session isn't required when using HTTP basic authentication mechanism for example
|
||||
if ($request->hasSession() && $request->isMethodSafe() && !$request->isXmlHttpRequest()) {
|
||||
if ($request->hasSession() && $request->isMethodSafe(false) && !$request->isXmlHttpRequest()) {
|
||||
$request->getSession()->set('_security.'.$this->providerKey.'.target_path', $request->getUri());
|
||||
}
|
||||
}
|
||||
|
|
Reference in New Issue