From 85253e57ab0185c69129ccb0498cbf5c93488f0d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?K=C3=A9vin=20Dunglas?= Date: Sat, 9 Jul 2016 10:59:31 +0200 Subject: [PATCH 1/2] [HttpFoundation] Add OTIONS and TRACE to the list of safe methods --- .../Component/HttpFoundation/Request.php | 2 +- .../HttpFoundation/Tests/RequestTest.php | 26 +++++++++++++++++++ 2 files changed, 27 insertions(+), 1 deletion(-) diff --git a/src/Symfony/Component/HttpFoundation/Request.php b/src/Symfony/Component/HttpFoundation/Request.php index 45f97016a04e8..125be18bbb409 100644 --- a/src/Symfony/Component/HttpFoundation/Request.php +++ b/src/Symfony/Component/HttpFoundation/Request.php @@ -1470,7 +1470,7 @@ public function isMethod($method) */ public function isMethodSafe() { - return in_array($this->getMethod(), array('GET', 'HEAD')); + return in_array($this->getMethod(), array('GET', 'HEAD', 'OPTIONS', 'TRACE')); } /** diff --git a/src/Symfony/Component/HttpFoundation/Tests/RequestTest.php b/src/Symfony/Component/HttpFoundation/Tests/RequestTest.php index 1edc48c1b62db..71fae3396714c 100644 --- a/src/Symfony/Component/HttpFoundation/Tests/RequestTest.php +++ b/src/Symfony/Component/HttpFoundation/Tests/RequestTest.php @@ -1912,6 +1912,32 @@ public function getLongHostNames() array(str_repeat(':', 101)), ); } + + /** + * @dataProvider methodProvider + */ + public function testMethodSafe($method, $safe) + { + $request = new Request(); + $request->setMethod($method); + $this->assertEquals($safe, $request->isMethodSafe()); + } + + public function methodProvider() + { + return array( + array(Request::METHOD_HEAD, true), + array(Request::METHOD_GET, true), + array(Request::METHOD_POST, false), + array(Request::METHOD_PUT, false), + array(Request::METHOD_PATCH, false), + array(Request::METHOD_DELETE, false), + array(Request::METHOD_PURGE, false), + array(Request::METHOD_OPTIONS, true), + array(Request::METHOD_TRACE, true), + array(Request::METHOD_CONNECT, false), + ); + } } class RequestContentProxy extends Request From 4f6d9dba63fda2198f2a5845030a17c0d8878093 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?K=C3=A9vin=20Dunglas?= Date: Sun, 10 Jul 2016 10:59:15 +0200 Subject: [PATCH 2/2] Fix comments --- .../HttpFoundation/Tests/RequestTest.php | 24 +++++++++---------- 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/src/Symfony/Component/HttpFoundation/Tests/RequestTest.php b/src/Symfony/Component/HttpFoundation/Tests/RequestTest.php index 71fae3396714c..8540cad6630ee 100644 --- a/src/Symfony/Component/HttpFoundation/Tests/RequestTest.php +++ b/src/Symfony/Component/HttpFoundation/Tests/RequestTest.php @@ -1914,7 +1914,7 @@ public function getLongHostNames() } /** - * @dataProvider methodProvider + * @dataProvider methodSafeProvider */ public function testMethodSafe($method, $safe) { @@ -1923,19 +1923,19 @@ public function testMethodSafe($method, $safe) $this->assertEquals($safe, $request->isMethodSafe()); } - public function methodProvider() + public function methodSafeProvider() { return array( - array(Request::METHOD_HEAD, true), - array(Request::METHOD_GET, true), - array(Request::METHOD_POST, false), - array(Request::METHOD_PUT, false), - array(Request::METHOD_PATCH, false), - array(Request::METHOD_DELETE, false), - array(Request::METHOD_PURGE, false), - array(Request::METHOD_OPTIONS, true), - array(Request::METHOD_TRACE, true), - array(Request::METHOD_CONNECT, false), + array('HEAD', true), + array('GET', true), + array('POST', false), + array('PUT', false), + array('PATCH', false), + array('DELETE', false), + array('PURGE', false), + array('OPTIONS', true), + array('TRACE', true), + array('CONNECT', false), ); } }