symfony
diff --git a/‎src/Symfony/Component/HttpFoundation/BinaryFileResponse.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/BinaryFileResponse.php
+1-1Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Component/HttpFoundation/BinaryFileResponse.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/BinaryFileResponse.php
+1-1Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Component/HttpFoundation/Request.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/Request.php
+11-1Lines changed: 11 additions & 1 deletion b/‎src/Symfony/Component/HttpFoundation/Request.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/Request.php
+11-1Lines changed: 11 additions & 1 deletion
diff --git a/‎src/Symfony/Component/HttpFoundation/Tests/RequestTest.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/Tests/RequestTest.php
+12-1Lines changed: 12 additions & 1 deletion b/‎src/Symfony/Component/HttpFoundation/Tests/RequestTest.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/Tests/RequestTest.php
+12-1Lines changed: 12 additions & 1 deletion
diff --git a/‎src/Symfony/Component/HttpKernel/EventListener/FragmentListener.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpKernel/EventListener/FragmentListener.php
+1-1Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Component/HttpKernel/EventListener/FragmentListener.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpKernel/EventListener/FragmentListener.php
+1-1Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Component/HttpKernel/HttpCache/HttpCache.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpKernel/HttpCache/HttpCache.php
+1-1Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Component/HttpKernel/HttpCache/HttpCache.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpKernel/HttpCache/HttpCache.php
+1-1Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php
+1-1Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php
+1-1Lines changed: 1 addition & 1 deletion
@@ -190,7 +190,7 @@ public function prepare(Request $request)
 
         if (!$this->headers->has('Accept-Ranges')) {
             // Only accept ranges on safe HTTP methods
-            $this->headers->set('Accept-Ranges', $request->isMethodSafe() ? 'bytes' : 'none');
+            $this->headers->set('Accept-Ranges', $request->isMethodSafe(false) ? 'bytes' : 'none');
         }
 
         if (!$this->headers->has('Content-Type')) {
 
@@ -1475,10 +1475,20 @@ public function isMethod($method)
     /**
      * Checks whether or not the method is safe.
      *
+     * @param bool $andCacheable Adds the additional condition that the method should be cacheable. True by default.
+     *
      * @return bool
      */
-    public function isMethodSafe()
+    public function isMethodSafe(/* $andCacheable = true */)
     {
+        if (!func_num_args() || func_get_arg(0)) {
+            // This deprecation should be turned into a BadMethodCallException in 4.0 (without adding the argument in the signature)
+            // then setting $andCacheable to false should be deprecated in 4.1
+            @trigger_error('Checking only for cacheable HTTP methods with Symfony\Component\HttpFoundation\Request::isMethodSafe() is deprecated since version 3.2 and will throw an exception in 4.0. Disable checking only for cacheable methods by calling the method with `false` as first argument or use the Request::isMethodCacheable() instead.', E_USER_DEPRECATED);
+
+            return in_array($this->getMethod(), array('GET', 'HEAD'));
+        }
+
         return in_array($this->getMethod(), array('GET', 'HEAD', 'OPTIONS', 'TRACE'));
     }
 
 
@@ -1994,7 +1994,7 @@ public function testMethodSafe($method, $safe)
     {
         $request = new Request();
         $request->setMethod($method);
-        $this->assertEquals($safe, $request->isMethodSafe());
+        $this->assertEquals($safe, $request->isMethodSafe(false));
     }
 
     public function methodSafeProvider()
@@ -2013,6 +2013,17 @@ public function methodSafeProvider()
         );
     }
 
+    /**
+     * @group legacy
+     * @expectedDeprecation Checking only for cacheable HTTP methods with Symfony\Component\HttpFoundation\Request::isMethodSafe() is deprecated since version 3.2 and will throw an exception in 4.0. Disable checking only for cacheable methods by calling the method with `false` as first argument or use the Request::isMethodCacheable() instead.
+     */
+    public function testMethodSafeChecksCacheable()
+    {
+        $request = new Request();
+        $request->setMethod('OPTION');
+        $this->assertFalse($request->isMethodSafe());
+    }
+
     /**
      * @dataProvider methodCacheableProvider
      */
 
@@ -81,7 +81,7 @@ public function onKernelRequest(GetResponseEvent $event)
     protected function validateRequest(Request $request)
     {
         // is the Request safe?
-        if (!$request->isMethodSafe()) {
+        if (!$request->isMethodSafe(false)) {
             throw new AccessDeniedHttpException();
         }
 
 
@@ -182,7 +182,7 @@ public function handle(Request $request, $type = HttpKernelInterface::MASTER_REQ
         }
         $this->traces[$request->getMethod().' '.$path] = array();
 
-        if (!$request->isMethodSafe()) {
+        if (!$request->isMethodSafe(false)) {
             $response = $this->invalidate($request, $catch);
         } elseif ($request->headers->has('expect') || !$request->isMethodCacheable()) {
             $response = $this->pass($request, $catch);
 
@@ -220,7 +220,7 @@ private function startAuthentication(Request $request, AuthenticationException $
     protected function setTargetPath(Request $request)
     {
         // session isn't required when using HTTP basic authentication mechanism for example
-        if ($request->hasSession() && $request->isMethodSafe() && !$request->isXmlHttpRequest()) {
+        if ($request->hasSession() && $request->isMethodSafe(false) && !$request->isXmlHttpRequest()) {
             $this->saveTargetPath($request->getSession(), $this->providerKey, $request->getUri());
         }
     }
Original file line number	Diff line number	Diff line change
`@@ -190,7 +190,7 @@ public function prepare(Request $request)`
`190`	`190`
`191`	`191`	`if (!$this->headers->has('Accept-Ranges')) {`
`192`	`192`	`// Only accept ranges on safe HTTP methods`
`193`		`- $this->headers->set('Accept-Ranges', $request->isMethodSafe() ? 'bytes' : 'none');`
	`193`	`+ $this->headers->set('Accept-Ranges', $request->isMethodSafe(false) ? 'bytes' : 'none');`
`194`	`194`	`}`
`195`	`195`
`196`	`196`	`if (!$this->headers->has('Content-Type')) {`
Original file line number	Diff line number	Diff line change
`@@ -81,7 +81,7 @@ public function onKernelRequest(GetResponseEvent $event)`
`81`	`81`	`protected function validateRequest(Request $request)`
`82`	`82`	`{`
`83`	`83`	`// is the Request safe?`
`84`		`- if (!$request->isMethodSafe()) {`
	`84`	`+ if (!$request->isMethodSafe(false)) {`
`85`	`85`	`throw new AccessDeniedHttpException();`
`86`	`86`	`}`
`87`	`87`
Original file line number	Diff line number	Diff line change
`@@ -182,7 +182,7 @@ public function handle(Request $request, $type = HttpKernelInterface::MASTER_REQ`
`182`	`182`	`}`
`183`	`183`	`$this->traces[$request->getMethod().' '.$path] = array();`
`184`	`184`
`185`		`- if (!$request->isMethodSafe()) {`
	`185`	`+ if (!$request->isMethodSafe(false)) {`
`186`	`186`	`$response = $this->invalidate($request, $catch);`
`187`	`187`	`} elseif ($request->headers->has('expect') \|\| !$request->isMethodCacheable()) {`
`188`	`188`	`$response = $this->pass($request, $catch);`
Original file line number	Diff line number	Diff line change
`@@ -220,7 +220,7 @@ private function startAuthentication(Request $request, AuthenticationException $`
`220`	`220`	`protected function setTargetPath(Request $request)`
`221`	`221`	`{`
`222`	`222`	`// session isn't required when using HTTP basic authentication mechanism for example`
`223`		`- if ($request->hasSession() && $request->isMethodSafe() && !$request->isXmlHttpRequest()) {`
	`223`	`+ if ($request->hasSession() && $request->isMethodSafe(false) && !$request->isXmlHttpRequest()) {`
`224`	`224`	`$this->saveTargetPath($request->getSession(), $this->providerKey, $request->getUri());`
`225`	`225`	`}`
`226`	`226`	`}`