8000 bug #20602 [HttpKernel] Revert BC breaking change of Request::isMetho… · symfony/symfony@34b9fd6 · GitHub
[go: up one dir, main page]
Skip to content

Commit 34b9fd6

Browse files
fabpotfabpot
committed
bug #20602 [HttpKernel] Revert BC breaking change of Request::isMethodSafe() (nicolas-grekas)
This PR was merged into the 2.7 branch. Discussion ---------- [HttpKernel] Revert BC breaking change of Request::isMethodSafe() | Q | A | ------------- | --- | Branch? | 2.7 | Bug fix? | yes | New feature? | no | BC breaks? | yes (reverting a previous BC break) | Deprecations? | no | Tests pass? | yes | Fixed tickets | #20562 | License | MIT | Doc PR | - As spotted in #20562, we should not have broken a minor version. Instead, we should have deprecated the bad behavior. This is done in #20603. Commits ------- 0c3b7d7 [HttpKernel] Revert BC breaking change of Request::isMethodSafe()
2 parents 78d713c + 0c3b7d7 commit 34b9fd6

File tree

6 files changed

+16
-7
lines changed

6 files changed

+16
-7
lines changed

src/Symfony/Component/HttpFoundation/BinaryFileResponse.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -190,7 +190,7 @@ public function prepare(Request $request)
190190

191191
if (!$this->headers->has('Accept-Ranges')) {
192192
// Only accept ranges on safe HTTP methods
193-
$this->headers->set('Accept-Ranges', $request->isMethodSafe() ? 'bytes' : 'none');
193+
$this->headers->set('Accept-Ranges', $request->isMethodSafe(false) ? 'bytes' : 'none');
194194
}
195195

196196
if (!$this->headers->has('Content-Type')) {

src/Symfony/Component/HttpFoundation/Request.php

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1466,11 +1466,13 @@ public function isMethod($method)
14661466
/**
14671467
* Checks whether the method is safe or not.
14681468
*
1469+
* @param bool $andCacheable Adds the additional condition that the method should be cacheable. True by default.
1470+
*
14691471
* @return bool
14701472
*/
1471-
public function isMethodSafe( 8000 )
1473+
public function isMethodSafe(/* $andCacheable = true */)
14721474
{
1473-
return in_array($this->getMethod(), array('GET', 'HEAD', 'OPTIONS', 'TRACE'));
1475+
return in_array($this->getMethod(), 0 < func_num_args() && !func_get_arg(0) ? array('GET', 'HEAD', 'OPTIONS', 'TRACE') : array('GET', 'HEAD'));
14741476
}
14751477

14761478
/**

src/Symfony/Component/HttpFoundation/Tests/RequestTest.php

Lines changed: 8 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1929,7 +1929,7 @@ public function testMethodSafe($method, $safe)
19291929
{
19301930
$request = new Request();
19311931
$request->setMethod($method);
1932-
$this->assertEquals($safe, $request->isMethodSafe());
1932+
$this->assertEquals($safe, $request->isMethodSafe(false));
19331933
}
19341934

19351935
public function methodSafeProvider()
@@ -1948,6 +1948,13 @@ public function methodSafeProvider()
19481948
);
19491949
}
19501950

1951+
public function testMethodSafeChecksCacheable()
1952+
{
1953+
$request = new Request();
1954+
$request->setMethod('OPTION');
1955+
$this->assertFalse($request->isMethodSafe());
1956+
}
1957+
19511958
/**
19521959
* @dataProvider methodCacheableProvider
19531960
*/

src/Symfony/Component/HttpKernel/EventListener/FragmentListener.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -81,7 +81,7 @@ public function onKernelRequest(GetResponseEvent $event)
8181
protected function validateRequest(Request $request)
8282
{
8383
// is the Request safe?
84-
if (!$request->isMethodSafe()) {
84+
if (!$request->isMethodSafe(false)) {
8585
throw new AccessDeniedHttpException();
8686
}
8787

src/Symfony/Component/HttpKernel/HttpCache/HttpCache.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -202,7 +202,7 @@ public function handle(Request $request, $type = HttpKernelInterface::MASTER_REQ
202202
}
203203
$this->traces[$request->getMethod().' '.$path] = array();
204204

205-
if (!$request->isMethodSafe()) {
205+
if (!$request->isMethodSafe(false)) {
206206
$response = $this->invalidate($request, $catch);
207207
} elseif ($request->headers->has('expect') || !$request->isMethodCacheable()) {
208208
$response = $this->pass($request, $catch);

src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -209,7 +209,7 @@ private function startAuthentication(Request $request, AuthenticationException $
209209
protected function setTargetPath(Request $request)
210210
{
211211
// session isn't required when using HTTP basic authentication mechanism for example
212-
if ($request->hasSession() && $request->isMethodSafe() && !$request->isXmlHttpRequest()) {
212+
if ($request->hasSession() && $request->isMethodSafe(false) && !$request->isXmlHttpRequest()) {
213213
$request->getSession()->set('_security.'.$this->providerKey.'.target_path', $request->getUri());
214214
}
215215
}

0 commit comments

Comments
 (0)
0