Use 308 to ensure http method is preserved #9286
Conversation
f1c7144 to
733f398
Compare
The 307 and 308 status codes were introduced exactly to solve this issue.
733f398 to
8549488
Compare
routing/redirect_trailing_slash.rst
Outdated
| @@ -27,7 +27,7 @@ new URL with a 301 response status code:: | |||
|
|
|||
| $url = str_replace($pathInfo, rtrim($pathInfo, ' /'), $requestUri); | |||
|
|
|||
| return $this->redirect($url, 301); | |||
| return $this->redirect($url, 308); | |||
There was a problem hiding this comment.
Should not be 301 if it's a GET method?
There was a problem hiding this comment.
See https://httpstatuses.com/308, it works for both GET and POST, and forbids changing them.
There was a problem hiding this comment.
👍 Then. But not all people know what 308 code mean. It would be great to add an explanation line with the link you just provided.
|
This seems to be fully supported by all browsers: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/308 |
|
@javiereguiluz @greg0ire As we spoke about doc improvement, I have a question: Why using a controller? Why not a kernel exception listener? I gave a try and it works very well: namespace App\Subscriber;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent;
use Symfony\Component\HttpKernel\KernelEvents;
final class TrailingSlashSubscriber implements EventSubscriberInterface
{
/**
* {@inheritdoc}
*/
public static function getSubscribedEvents()
{
return [
KernelEvents::EXCEPTION => [
['onKernelException', 1]
]
];
}
public function onKernelException(GetResponseForExceptionEvent $event)
{
if (!$event->getException() instanceof NotFoundHttpException) {
return;
}
$request = $event->getRequest();
$pathInfo = $request->getPathInfo();
$requestUri = $request->getRequestUri();
$url = str_replace($pathInfo, rtrim($pathInfo, '/'), $requestUri);
if ($url !== $requestUri) {
$event->setResponse(new RedirectResponse($url, Response::HTTP_PERMANENTLY_REDIRECT));
}
}
}Plus, it avoids possible issue explained by this warning:
|
|
Maybe the controller + route is more explicit than waiting for an exception you could avoid from the start? Otherwise yeah, it looks good too! Anyway, that's the kind of thing I would do even earlier, with my webserver: https://www.scalescale.com/tips/nginx/nginx-remove-trailing-slash/ |
|
@greg0ire That was I was thinking about. But my listener took 1ms to process, so it's still worth it IMO. |
| @@ -27,7 +27,9 @@ new URL with a 301 response status code:: | |||
|
|
|||
| $url = str_replace($pathInfo, rtrim($pathInfo, ' /'), $requestUri); | |||
There was a problem hiding this comment.
Not related, but we can take benefit to fix it: why a space on rtrim second argument?
There was a problem hiding this comment.
Because you want to remove spaces too
There was a problem hiding this comment.
Why? I tried without, works well.
There was a problem hiding this comment.
I mean what happens if the url is http://my.website/someroute/ <- space here? That works too?
There was a problem hiding this comment.
But I did it on Chrome, maybe the browser remove it itself? 🤔
There was a problem hiding this comment.
Maybe, because I can't see how that would work
|
My listener may also match is the previous excpetion is a |
|
After some tests, I don't recommend to use a listener. Indeed, if you try something like |
|
Thanks Grégoire. |
…iereguiluz) This PR was merged into the 2.7 branch. Discussion ---------- Use 308 to ensure http method is preserved 307 and 308 were introduced exactly to solve this issue. Commits ------- e21cf2f Minor change f8f6bda Added some minor explanation about 308 code 8549488 Use 308 to ensure http method is preserved
307 and 308 were introduced exactly to solve this issue.