File tree 2 files changed +17
-1
lines changed 2 files changed +17
-1
lines changed Original file line number Diff line number Diff line change 1717
1818namespace Symfony \Component \HttpKernel \HttpCache ;
1919
20+ use Symfony \Component \HttpFoundation \Exception \SuspiciousOperationException ;
2021use Symfony \Component \HttpFoundation \Request ;
2122use Symfony \Component \HttpFoundation \Response ;
2223use Symfony \Component \HttpKernel \HttpKernelInterface ;
@@ -705,7 +706,11 @@ private function getTraceKey(Request $request): string
705706 $ path'? ' .$ qs
706707 }
707708
708- return $ requestgetMethod ().' ' .$ path
709+ try {
710+ return $ requestgetMethod ().' ' .$ path
711+ } catch (SuspiciousOperationException
712+ return '_BAD_METHOD_ ' .$ path
713+ }
709714 }
710715
711716 /**
Original file line number Diff line number Diff line change @@ -108,6 +108,17 @@ public function testPassesOnNonGetHeadRequests()
108108 $ this assertFalse ($ this response ->headers ->has ('Age ' ));
109109 }
110110
111+ public function testPassesSuspiciousMethodRequests ()
112+ {
113+ $ this setNextResponse (200 );
114+ $ this request ('POST ' , '/ ' , ['HTTP_X-HTTP-Method-Override ' => '__CONSTRUCT ' ]);
115+ $ this assertHttpKernelIsCalled ();
116+ $ this assertResponseOk ();
117+ $ this assertTraceNotContains ('stale ' );
118+ $ this assertTraceNotContains ('invalid ' );
119+ $ this assertFalse ($ this response ->headers ->has ('Age ' ));
120+ }
121+
111122 public function testInvalidatesOnPostPutDeleteRequests ()
112123 {
113124 foreach (['post ' , 'put ' , 'delete ' ] as $ method
You can’t perform that action at this time.
0 commit comments