8000 [HttpKernel] Deprecate checking for cacheable HTTP methods in Request… · symfony/symfony@af59fc8 · GitHub
[go: up one dir, main page]
Skip to content

Commit af59fc8

Browse files
nicolas-grekasnicolas-grekas
committed
[HttpKernel] Deprecate checking for cacheable HTTP methods in Request::isMethodSafe()
1 parent 59f9949 commit af59fc8

File tree

6 files changed

+25
-6
lines changed

6 files changed

+25
-6
lines changed

src/Symfony/Component/HttpFoundation/BinaryFileResponse.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -190,7 +190,7 @@ public function prepare(Request $request)
190190

191191
if (!$this->headers->has('Accept-Ranges')) {
192192
// Only accept ranges on safe HTTP methods
193-
$this->headers->set('Accept-Ranges', $request->isMethodSafe() ? 'bytes' : 'none');
193+
$this->headers->set('Accept-Ranges', $request->isMethodSafe(false) ? 'bytes' : 'none');
194194
}
195195

196196
if (!$this->headers->has('Content-Type')) {

src/Symfony/Component/HttpFoundation/Request.php

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1475,10 +1475,18 @@ public function isMethod($method)
14751475
/**
14761476
* Checks whether or not the method is safe.
14771477
*
1478+
* @param bool $andCacheable Adds the additional contition that the method should be cacheable. True by default.
1479+
*
14781480
* @return bool
14791481
*/
1480-
public function isMethodSafe()
1482+
public function isMethodSafe(/* $andCacheable = true */)
14811483
{
1484+
if (!func_num_args() || func_get_arg(0)) {
1485+
@trigger_error('Checking only for cacheable HTTP methods with Symfony\Component\HttpFoundation\Request::isMethodSafe() is deprecated since version 3.2 and will be unsupported in 4.0. Disable checking only for cacheable methods by calling the method with `false` as first argument or use the Request::isMethodCacheable() instead.', E_USER_DEPRECATED);
1486+
1487+
return in_array($this->getMethod(), array('GET', 'HEAD'));
1488+
}
1489+
14821490
return in_array($this->getMethod(), array('GET', 'HEAD', 'OPTIONS', 'TRACE'));
14831491
}
14841492

src/Symfony/Component/HttpFoundation/Tests/RequestTest.php

Lines changed: 12 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1994,7 +1994,7 @@ public function testMethodSafe($method, $safe)
19941994
{
19951995
$request = new Request();
19961996
$request->setMethod($method);
1997-
$this->assertEquals($safe, $request->isMethodSafe());
1997+
$this->assertEquals($safe, $request->isMethodSafe(false));
19981998
}
19991999

20002000
public function methodSafeProvider()
@@ -2013,6 +2013,17 @@ public function methodSafeProvider()
20132013
);
20142014
}
20152015

2016+
/**
2017+
* @group legacy
2018+
* @expectedDeprecation Checking only for cacheable HTTP methods with Symfony\Component\HttpFoundation\Request::isMethodSafe() is deprecated since version 3.2 and will be unsupported in 4.0. Disable checking only for cacheable methods by calling the method with `false` as first argument or use the Request::isMethodCacheable() instead.
2019+
*/
2020+
public function testMethodSafeChecksCacheable()
2021+
{
2022+
$request = new Request();
2023+
$request->setMethod('OPTION');
2024+
$this->assertFalse($request->isMethodSafe());
2025+
}
2026+
20162027
/**
20172028
* @dataProvider methodCacheableProvider
20182029
*/

src/Symfony/Component/HttpKernel/EventListener/FragmentListener.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -81,7 +81,7 @@ public function onKernelRequest(GetResponseEvent $event)
8181
protected function validateRequest(Request $request)
8282
{
8383
// is the Request safe?
84-
if (!$request->isMethodSafe()) {
84+
if (!$request->isMethodSafe(false)) {
8585
throw new AccessDeniedHttpException();
8686
}
8787

src/Symfony/Component/HttpKernel/HttpCache/HttpCache.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -182,7 +182,7 @@ public function handle(Request $request, $type = HttpKernelInterface::MASTER_REQ
182182
}
183183
$this->traces[$request->getMethod().' '.$path] = array();
184184

185-
if (!$request->isMethodSafe()) {
185+
if (!$request->isMethodSafe(false)) {
186186
$response = $this->invalidate($request, $catch);
187187
} elseif ($request->headers->has('expect') || !$request->isMethodCacheable()) {
188188
$response = $this->pass($request, $catch);

src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -220,7 +220,7 @@ private function startAuthentication(Request $request, AuthenticationException $
220220
protected function setTargetPath(Request $request)
221221
{
222222
// session isn't required when using HTTP basic authentication mechanism for example
223-
if ($request->hasSession() && $request->isMethodSafe() && !$request->isXmlHttpRequest()) {
223+
if ($request->hasSession() && $request->isMethodSafe(false) && !$request->isXmlHttpRequest()) {
224224
$this->saveTargetPath($request->getSession(), $this->providerKey, $request->getUri());
225225
}
226226
}

0 commit comments

Comments
 (0)
0