Merge branch '2.3' into 2.5
* 2.3: [HttpFoundation] Fix an issue caused by php's Bug #66606. Don't add Accept-Range header on unsafe HTTP requests simplify hasScheme method Conflicts: src/Symfony/Component/HttpFoundation/Request.php src/Symfony/Component/Routing/Route.php
This commit is contained in:
Fabien Potencier
commit
169a420c9c
@ -169,7 +169,11 @@ class BinaryFileResponse extends Response
|
||||
public function prepare(Request $request)
|
||||
{
|
||||
$this->headers->set('Content-Length', $this->file->getSize());
|
||||
$this->headers->set('Accept-Ranges', 'bytes');
|
||||
|
||||
if (!$this->headers->has('Accept-Ranges')) {
|
||||
// Only accept ranges on safe HTTP methods
|
||||
$this->headers->set('Accept-Ranges', $request->isMethodSafe() ? 'bytes' : 'none');
|
||||
}
|
||||
|
||||
if (!$this->headers->has('Content-Type')) {
|
||||
$this->headers->set('Content-Type', $this->file->getMimeType() ?: 'application/octet-stream');
|
||||
|
||||
@ -268,7 +268,20 @@ class Request
|
||||
*/
|
||||
public static function createFromGlobals()
|
||||
{
|
||||
$request = self::createRequestFromFactory($_GET, $_POST, array(), $_COOKIE, $_FILES, $_SERVER);
|
||||
// With the php's bug #66606, the php's built-in web server
|
||||
// stores the Content-Type and Content-Length header values in
|
||||
// HTTP_CONTENT_TYPE and HTTP_CONTENT_LENGTH fields.
|
||||
$server = $_SERVER;
|
||||
if ('cli-server' === php_sapi_name()) {
|
||||
if (array_key_exists('HTTP_CONTENT_LENGTH', $_SERVER)) {
|
||||
$server['CONTENT_LENGTH'] = $_SERVER['HTTP_CONTENT_LENGTH'];
|
||||
}
|
||||
if (array_key_exists('HTTP_CONTENT_TYPE', $_SERVER)) {
|
||||
$server['CONTENT_TYPE'] = $_SERVER['HTTP_CONTENT_TYPE'];
|
||||
}
|
||||
}
|
||||
|
||||
$request = self::createRequestFromFactory($_GET, $_POST, array(), $_COOKIE, $_FILES, $server);
|
||||
|
||||
if (0 === strpos($request->headers->get('CONTENT_TYPE'), 'application/x-www-form-urlencoded')
|
||||
&& in_array(strtoupper($request->server->get('REQUEST_METHOD', 'GET')), array('PUT', 'DELETE', 'PATCH'))
|
||||
|
||||
@ -200,6 +200,25 @@ class BinaryFileResponseTest extends ResponseTestCase
|
||||
$this->assertEquals(realpath($response->getFile()->getPathname()), realpath($filePath));
|
||||
}
|
||||
|
||||
public function testAcceptRangeOnUnsafeMethods()
|
||||
{
|
||||
$request = Request::create('/', 'POST');
|
||||
$response = BinaryFileResponse::create(__DIR__.'/File/Fixtures/test.gif');
|
||||
$response->prepare($request);
|
||||
|
||||
$this->assertEquals('none', $response->headers->get('Accept-Ranges'));
|
||||
}
|
||||
|
||||
public function testAcceptRangeNotOverriden()
|
||||
{
|
||||
$request = Request::create('/', 'POST');
|
||||
$response = BinaryFileResponse::create(__DIR__.'/File/Fixtures/test.gif');
|
||||
$response->headers->set('Accept-Ranges', 'foo');
|
||||
$response->prepare($request);
|
||||
|
||||
$this->assertEquals('foo', $response->headers->get('Accept-Ranges'));
|
||||
}
|
||||
|
||||
public function getSampleXAccelMappings()
|
||||
{
|
||||
return array(
|
||||
|
||||
@ -272,21 +272,14 @@ class Route implements \Serializable
|
||||
*/
|
||||
public function hasScheme($scheme)
|
||||
{
|
||||
$scheme = strtolower($scheme);
|
||||
foreach ($this->schemes as $requiredScheme) {
|
||||
if ($scheme === $requiredScheme) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
return false;
|
||||
return in_array(strtolower($scheme), $this->schemes, true);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the uppercased HTTP methods this route is restricted to.
|
||||
* So an empty array means that any method is allowed.
|
||||
*
|
||||
* @return array The schemes
|
||||
* @return array The methods
|
||||
*/
|
||||
public function getMethods()
|
||||
{
|
||||
|
||||
Reference in New Issue
Block a user