Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 34b9fd6

Browse filesBrowse files
fabpotfabpot
committed
bug #20602 [HttpKernel] Revert BC breaking change of Request::isMethodSafe() (nicolas-grekas)
This PR was merged into the 2.7 branch. Discussion ---------- [HttpKernel] Revert BC breaking change of Request::isMethodSafe() | Q | A | ------------- | --- | Branch? | 2.7 | Bug fix? | yes | New feature? | no | BC breaks? | yes (reverting a previous BC break) | Deprecations? | no | Tests pass? | yes | Fixed tickets | #20562 | License | MIT | Doc PR | - As spotted in #20562, we should not have broken a minor version. Instead, we should have deprecated the bad behavior. This is done in #20603. Commits ------- 0c3b7d7 [HttpKernel] Revert BC breaking change of Request::isMethodSafe()
2 parents 78d713c + 0c3b7d7 commit 34b9fd6
Copy full SHA for 34b9fd6

File tree

6 files changed

+16
-7
lines changed
Filter options

6 files changed

+16
-7
lines changed

‎src/Symfony/Component/HttpFoundation/BinaryFileResponse.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/BinaryFileResponse.php
+1-1Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -190,7 +190,7 @@ public function prepare(Request $request)
190190

191191
if (!$this->headers->has('Accept-Ranges')) {
192192
// Only accept ranges on safe HTTP methods
193-
$this->headers->set('Accept-Ranges', $request->isMethodSafe() ? 'bytes' : 'none');
193+
$this->headers->set('Accept-Ranges', $request->isMethodSafe(false) ? 'bytes' : 'none');
194194
}
195195

196196
if (!$this->headers->has('Content-Type')) {

‎src/Symfony/Component/HttpFoundation/Request.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/Request.php
+4-2Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1466,11 +1466,13 @@ public function isMethod($method)
14661466
/**
14671467
* Checks whether the method is safe or not.
14681468
*
1469+
* @param bool $andCacheable Adds the additional condition that the method should be cacheable. True by default.
1470+
*
14691471
* @return bool
14701472
*/
1471-
public function isMethodSafe()
1473+
public function isMethodSafe(/* $andCacheable = true */)
14721474
{
1473-
return in_array($this->getMethod(), array('GET', 'HEAD', 'OPTIONS', 'TRACE'));
1475+
return in_array($this->getMethod(), 0 < func_num_args() && !func_get_arg(0) ? array('GET', 'HEAD', 'OPTIONS', 'TRACE') : array('GET', 'HEAD'));
14741476
}
14751477

14761478
/**

‎src/Symfony/Component/HttpFoundation/Tests/RequestTest.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/Tests/RequestTest.php
+8-1Lines changed: 8 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1929,7 +1929,7 @@ public function testMethodSafe($method, $safe)
19291929
{
19301930
$request = new Request();
19311931
$request->setMethod($method);
1932-
$this->assertEquals($safe, $request->isMethodSafe());
1932+
$this->assertEquals($safe, $request->isMethodSafe(false));
19331933
}
19341934

19351935
public function methodSafeProvider()
@@ -1948,6 +1948,13 @@ public function methodSafeProvider()
19481948
);
19491949
}
19501950

1951+
public function testMethodSafeChecksCacheable()
1952+
{
1953+
$request = new Request();
1954+
$request->setMethod('OPTION');
1955+
$this->assertFalse($request->isMethodSafe());
1956+
}
1957+
19511958
/**
19521959
* @dataProvider methodCacheableProvider
19531960
*/

‎src/Symfony/Component/HttpKernel/EventListener/FragmentListener.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpKernel/EventListener/FragmentListener.php
+1-1Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -81,7 +81,7 @@ public function onKernelRequest(GetResponseEvent $event)
8181
protected function validateRequest(Request $request)
8282
{
8383
// is the Request safe?
84-
if (!$request->isMethodSafe()) {
84+
if (!$request->isMethodSafe(false)) {
8585
throw new AccessDeniedHttpException();
8686
}
8787

‎src/Symfony/Component/HttpKernel/HttpCache/HttpCache.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpKernel/HttpCache/HttpCache.php
+1-1Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -202,7 +202,7 @@ public function handle(Request $request, $type = HttpKernelInterface::MASTER_REQ
202202
}
203203
$this->traces[$request->getMethod().' '.$path] = array();
204204

205-
if (!$request->isMethodSafe()) {
205+
if (!$request->isMethodSafe(false)) {
206206
$response = $this->invalidate($request, $catch);
207207
} elseif ($request->headers->has('expect') || !$request->isMethodCacheable()) {
208208
$response = $this->pass($request, $catch);

‎src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php
+1-1Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -209,7 +209,7 @@ private function startAuthentication(Request $request, AuthenticationException $
209209
protected function setTargetPath(Request $request)
210210
{
211211
// session isn't required when using HTTP basic authentication mechanism for example
212-
if ($request->hasSession() && $request->isMethodSafe() && !$request->isXmlHttpRequest()) {
212+
if ($request->hasSession() && $request->isMethodSafe(false) && !$request->isXmlHttpRequest()) {
213213
$request->getSession()->set('_security.'.$this->providerKey.'.target_path', $request->getUri());
214214
}
215215
}

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.