8000 Merge branch '5.4' into 6.4 · symfony/http-kernel@7f0fd8a · GitHub
[go: up one dir, main page]
Skip to content

Commit 7f0fd8a

Browse files
nicolas-grekasnicolas-grekas
committed
Merge branch '5.4' into 6.4
* 5.4: Issue #58821: [DependencyInjection] Support interfaces in ContainerBuilder::getReflectionClass(). Dynamically fix compatibility with doctrine/data-fixtures v2 [HttpKernel] Ensure HttpCache::getTraceKey() does not throw exception don't call EntityManager::initializeObject() with scalar values [Validator] review italian translations Update PR template
2 parents 6f9b73f + 455dfd3 commit 7f0fd8a

File tree

2 files changed

+17
-1
lines changed

2 files changed

+17
-1
lines changed

HttpCache/HttpCache.php

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,7 @@
1717

1818
namespace Symfony\Component\HttpKernel\HttpCache;
1919

20+
use Symfony\Component\HttpFoundation\Exception\SuspiciousOperationException;
2021
use Symfony\Component\HttpFoundation\Request;
2122
use Symfony\Component\HttpFoundation\Response;
2223
use Symfony\Component\HttpKernel\HttpKernelInterface;
@@ -725,7 +726,11 @@ private function getTraceKey(Request $request): string
725726
$path .= '?'.$qs;
726727
}
727728

728-
return $request->getMethod().' '.$path;
729+
try {
730+
return $request->getMethod().' '.$path;
731+
} catch (SuspiciousOperationException $e) {
732+
return '_BAD_METHOD_ '.$path;
733+
}
729734
}
730735

731736
/**

Tests/HttpCache/HttpCacheTest.php

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -163,6 +163,17 @@ public function testPassesOnNonGetHeadRequests()
163163
$this->assertFalse($this->response->headers->has('Age'));
164164
}
165165

166+
public function testPassesSuspiciousMethodRequests()
167+
{
168+
$this->setNextResponse(200);
169+
$this->request('POST', '/', ['HTTP_X-HTTP-Method-Override' => '__CONSTRUCT']);
170+
$this->assertHttpKernelIsCalled();
171+
$this->assertResponseOk();
172+
$this->assertTraceNotContains('stale');
173+
$this->assertTraceNotContains('invalid');
174+
$this->assertFalse($this->response->headers->has('Age'));
175+
}
176+
166177
public function testInvalidatesOnPostPutDeleteRequests()
167178
{
168179
foreach (['post', 'put', 'delete'] as $method) {

0 commit comments

Comments
 (0)
0