Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 43a480f

Browse filesBrowse files
nicolas-grekasnicolas-grekas
committed
[HttpKernel] Revert BC breaking change of Request::isMethodSafe()
1 parent 30d161c commit 43a480f
Copy full SHA for 43a480f

File tree

6 files changed

+16
-7
lines changed
Filter options

6 files changed

+16
-7
lines changed

‎src/Symfony/Component/HttpFoundation/BinaryFileResponse.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/BinaryFileResponse.php
+1-1Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -190,7 +190,7 @@ public function prepare(Request $request)
190190

191191
if (!$this->headers->has('Accept-Ranges')) {
192192
// Only accept ranges on safe HTTP methods
193-
$this->headers->set('Accept-Ranges', $request->isMethodSafe() ? 'bytes' : 'none');
193+
$this->headers->set('Accept-Ranges', $request->isMethodSafe(false) ? 'bytes' : 'none');
194194
}
195195

196196
if (!$this->headers->has('Content-Type')) {

‎src/Symfony/Component/HttpFoundation/Request.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/Request.php
+4-2Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1466,11 +1466,13 @@ public function isMethod($method)
14661466
/**
14671467
* Checks whether the method is safe or not.
14681468
*
1469+
* @param bool $andCacheable Adds the additional contition that the method should be cacheable. True by default.
1470+
*
14691471
* @return bool
14701472
*/
1471-
public function isMethodSafe()
1473+
public function isMethodSafe(/* $andCacheable = true */)
14721474
{
1473-
return in_array($this->getMethod(), array('GET', 'HEAD', 'OPTIONS', 'TRACE'));
1475+
return in_array($this->getMethod(), 0 < func_num_args() && !func_get_arg(0) ? array('GET', 'HEAD', 'OPTIONS', 'TRACE') : array('GET', 'HEAD'));
14741476
}
14751477

14761478
/**

‎src/Symfony/Component/HttpFoundation/Tests/RequestTest.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/Tests/RequestTest.php
+8-1Lines changed: 8 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1929,7 +1929,7 @@ public function testMethodSafe($method, $safe)
19291929
{
19301930
$request = new Request();
19311931
$request->setMethod($method);
1932-
$this->assertEquals($safe, $request->isMethodSafe());
1932+
$this->assertEquals($safe, $request->isMethodSafe(false));
19331933
}
19341934

19351935
public function methodSafeProvider()
@@ -1948,6 +1948,13 @@ public function methodSafeProvider()
19481948
);
19491949
}
19501950

1951+
public function testMethodSafeChecksCacheable()
1952+
{
1953+
$request = new Request();
1954+
$request->setMethod('OPTION');
1955+
$this->assertFalse($request->isMethodSafe());
1956+
}
1957+
19511958
/**
19521959
* @dataProvider methodCacheableProvider
19531960
*/

‎src/Symfony/Component/HttpKernel/EventListener/FragmentListener.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpKernel/EventListener/FragmentListener.php
+1-1Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -81,7 +81,7 @@ public function onKernelRequest(GetResponseEvent $event)
8181
protected function validateRequest(Request $request)
8282
{
8383
// is the Request safe?
84-
if (!$request->isMethodSafe()) {
84+
if (!$request->isMethodSafe(false)) {
8585
throw new AccessDeniedHttpException();
8686
}
8787

‎src/Symfony/Component/HttpKernel/HttpCache/HttpCache.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpKernel/HttpCache/HttpCache.php
+1-1Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -202,7 +202,7 @@ public function handle(Request $request, $type = HttpKernelInterface::MASTER_REQ
202202
}
203203
$this->traces[$request->getMethod().' '.$path] = array();
204204

205-
if (!$request->isMethodSafe()) {
205+
if (!$request->isMethodSafe(false)) {
206206
$response = $this->invalidate($request, $catch);
207207
} elseif ($request->headers->has('expect') || !$request->isMethodCacheable()) {
208208
$response = $this->pass($request, $catch);

‎src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php
+1-1Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -209,7 +209,7 @@ private function startAuthentication(Request $request, AuthenticationException $
209209
protected function setTargetPath(Request $request)
210210
{
211211
// session isn't required when using HTTP basic authentication mechanism for example
212-
if ($request->hasSession() && $request->isMethodSafe() && !$request->isXmlHttpRequest()) {
212+
if ($request->hasSession() && $request->isMethodSafe(false) && !$request->isXmlHttpRequest()) {
213213
$request->getSession()->set('_security.'.$this->providerKey.'.target_path', $request->getUri());
214214
}
215215
}

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.