@@ -1211,22 +1211,37 @@ public function setMethod($method)
12111211 */
12121212 public function getMethod ()
12131213 {
1214- if (null === $ this method ) {
1215- $ this method = strtoupper ($ this server ->get ('REQUEST_METHOD ' , 'GET ' ));
1216-
1217- if ('POST ' === $ this method ) {
1218- if ($ method$ this headers ->get ('X-HTTP-METHOD-OVERRIDE ' )) {
1219- $ this method = strtoupper ($ method
1220- } elseif (self ::$ httpMethodParameterOverride
1221- $ method$ this request ->get ('_method ' , $ this query ->get ('_method ' , 'POST ' ));
1222- if (\is_string ($ method
1223- $ this method = strtoupper ($ method
1224- }
1225- }
1226- }
1214+ if (null !== $ this method ) {
1215+ return $ this method ;
1216+ }
1217+
1218+ $ this method = strtoupper ($ this server ->get ('REQUEST_METHOD ' , 'GET ' ));
1219+
1220+ if ('POST ' !== $ this method ) {
1221+ return $ this method ;
1222+ }
1223+
1224+ $ method$ this headers ->get ('X-HTTP-METHOD-OVERRIDE ' );
1225+
1226+ if (!$ methodself ::$ httpMethodParameterOverride
1227+ $ method$ this request ->get ('_method ' , $ this query ->get ('_method ' , 'POST ' ));
1228+ }
1229+
1230+ if (!\is_string ($ method
1231+ return $ this method ;
1232+ }
1233+
1234+ $ methodstrtoupper ($ method
1235+
1236+ if (\in_array ($ method'GET ' , 'HEAD ' , 'POST ' , 'PUT ' , 'DELETE ' , 'CONNECT ' , 'OPTIONS ' , 'PATCH ' , 'PURGE ' , 'TRACE ' ], true )) {
1237+ return $ this method = $ method
1238+ }
1239+
1240+ if (!preg_match ('/^[A-Z]++$/D ' , $ method
1241+ throw new SuspiciousOperationException (sprintf ('Invalid method override "%s". ' , $ method
12271242 }
12281243
1229- return $ this method ;
1244+ return $ this method = $ method
12301245 }
12311246
12321247 /**
0 commit comments