[HttpKernel] Revert BC breaking change of Request::isMethodSafe()

2016-11-23 13:49:06 +01:00 · 2016-11-23 13:49:06 +01:00 · 0c3b7d7b8d
parent 30d161c0ae
commit 0c3b7d7b8d
6 changed files with 16 additions and 7 deletions
--- a/src/Symfony/Component/HttpFoundation/BinaryFileResponse.php
+++ b/src/Symfony/Component/HttpFoundation/BinaryFileResponse.php
@ -190,7 +190,7 @@ class BinaryFileResponse extends Response
        if (!$this->headers->has('Accept-Ranges')) {
            // Only accept ranges on safe HTTP methods
-            $this->headers->set('Accept-Ranges', $request->isMethodSafe() ? 'bytes' : 'none');
+            $this->headers->set('Accept-Ranges', $request->isMethodSafe(false) ? 'bytes' : 'none');
        }
        if (!$this->headers->has('Content-Type')) {
--- a/src/Symfony/Component/HttpFoundation/Request.php
+++ b/src/Symfony/Component/HttpFoundation/Request.php
@ -1466,11 +1466,13 @@ class Request
    /**
     * Checks whether the method is safe or not.
     *
     * @param bool $andCacheable Adds the additional condition that the method should be cacheable. True by default.
     *
     * @return bool
     */
-    public function isMethodSafe()
+    public function isMethodSafe(/* $andCacheable = true */)
    {
-        return in_array($this->getMethod(), array('GET', 'HEAD', 'OPTIONS', 'TRACE'));
+        return in_array($this->getMethod(), 0 < func_num_args() && !func_get_arg(0) ? array('GET', 'HEAD', 'OPTIONS', 'TRACE') : array('GET', 'HEAD'));
    }
    /**
--- a/src/Symfony/Component/HttpFoundation/Tests/RequestTest.php
+++ b/src/Symfony/Component/HttpFoundation/Tests/RequestTest.php
@ -1929,7 +1929,7 @@ class RequestTest extends \PHPUnit_Framework_TestCase
    {
        $request = new Request();
        $request->setMethod($method);
-        $this->assertEquals($safe, $request->isMethodSafe());
+        $this->assertEquals($safe, $request->isMethodSafe(false));
    }
    public function methodSafeProvider()
@ -1948,6 +1948,13 @@ class RequestTest extends \PHPUnit_Framework_TestCase
        );
    }
    public function testMethodSafeChecksCacheable()
    {
        $request = new Request();
        $request->setMethod('OPTION');
        $this->assertFalse($request->isMethodSafe());
    }
    /**
     * @dataProvider methodCacheableProvider
     */
--- a/src/Symfony/Component/HttpKernel/EventListener/FragmentListener.php
+++ b/src/Symfony/Component/HttpKernel/EventListener/FragmentListener.php
@ -81,7 +81,7 @@ class FragmentListener implements EventSubscriberInterface
    protected function validateRequest(Request $request)
    {
        // is the Request safe?
-        if (!$request->isMethodSafe()) {
+        if (!$request->isMethodSafe(false)) {
            throw new AccessDeniedHttpException();
        }
--- a/src/Symfony/Component/HttpKernel/HttpCache/HttpCache.php
+++ b/src/Symfony/Component/HttpKernel/HttpCache/HttpCache.php
@ -202,7 +202,7 @@ class HttpCache implements HttpKernelInterface, TerminableInterface
        }
        $this->traces[$request->getMethod().' '.$path] = array();
-        if (!$request->isMethodSafe()) {
+        if (!$request->isMethodSafe(false)) {
            $response = $this->invalidate($request, $catch);
        } elseif ($request->headers->has('expect') || !$request->isMethodCacheable()) {
            $response = $this->pass($request, $catch);
--- a/src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php
+++ b/src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php
@ -209,7 +209,7 @@ class ExceptionListener
    protected function setTargetPath(Request $request)
    {
        // session isn't required when using HTTP basic authentication mechanism for example
-        if ($request->hasSession() && $request->isMethodSafe() && !$request->isXmlHttpRequest()) {
+        if ($request->hasSession() && $request->isMethodSafe(false) && !$request->isXmlHttpRequest()) {
            $request->getSession()->set('_security.'.$this->providerKey.'.target_path', $request->getUri());
        }
    }