8000 _method parameter type is not checked · Issue #28079 · symfony/symfony · GitHub
[go: up one dir, main page]
Skip to content
_method parameter type is not checked #28079
New issue
New issue
Closed
Closed
_method parameter type is not checked#28079
Labels
BugHttpFoundationStatus: Needs Review
@Phobetor

Description

@Phobetor
Phobetor
opened on Jul 27, 2018

Symfony version(s) affected: all supported versions (and >=2.1, too)

Description
Given that HTTP method override is active, setting an array as _method parameter in a random form with POST method raises a PHP warning.

How to reproduce
Activate HTTP method override

framework:
    http_method_override: true

Submit a random form with POST method to a URL which contains an array as _method query parameter (e. g. https://example.com?_method[]=foo&_method[]=bar).

Possible Solution
Request::getMethod() should check the type of the acquired _method value and don't use it if it is no string.

Additional context

PHP Warning:  strtoupper() expects parameter 1 to be string, array given in var/bootstrap.php.cache on line 977

bootstrap.php.cache line 977 is equivalent to src/Symfony/Component/HttpFoundation/Request.php

$this->method = strtoupper($this->request->get('_method', $this->query->get('_method', 'POST')));

Metadata

Metadata

Assignees

No one assigned

    Labels

    BugHttpFoundationStatus: Needs Review

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions
      0