mirror of
https://github.com/Lastorder-DC/rhymix.git
synced 2026-05-04 17:44:38 +09:00
Support more HTTP methods #2287
This commit is contained in:
Kijin Sung
parent
f419353013
commit
eb5dd18659
3 changed files with 22 additions and 6 deletions
|
|
@ -142,6 +142,15 @@ class Context
|
||||||
'@</?script@i' => 'ALLOW ADMIN ONLY',
|
'@</?script@i' => 'ALLOW ADMIN ONLY',
|
||||||
);
|
);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* HTTP methods supported by router.
|
||||||
|
*/
|
||||||
|
private static $_router_methods = array(
|
||||||
|
'GET', 'POST', 'JSON', 'XMLRPC',
|
||||||
|
'HEAD', 'OPTIONS', 'PUT', 'PATCH',
|
||||||
|
'DELETE', 'TRACE',
|
||||||
|
);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Obtain a singleton instance of Context.
|
* Obtain a singleton instance of Context.
|
||||||
*
|
*
|
||||||
|
|
@ -195,7 +204,7 @@ class Context
|
||||||
// Set information about the current request.
|
// Set information about the current request.
|
||||||
self::_checkGlobalVars();
|
self::_checkGlobalVars();
|
||||||
self::setRequestMethod();
|
self::setRequestMethod();
|
||||||
if (in_array(self::$_instance->request_method, array('GET', 'POST', 'JSON')))
|
if (in_array(self::$_instance->request_method, self::$_router_methods))
|
||||||
{
|
{
|
||||||
$method = $_SERVER['REQUEST_METHOD'] ?? 'GET';
|
$method = $_SERVER['REQUEST_METHOD'] ?? 'GET';
|
||||||
$request = Rhymix\Framework\Router::parseURL($method, RX_REQUEST_URL, Rhymix\Framework\Router::getRewriteLevel());
|
$request = Rhymix\Framework\Router::parseURL($method, RX_REQUEST_URL, Rhymix\Framework\Router::getRewriteLevel());
|
||||||
|
|
|
||||||
|
|
@ -38,6 +38,13 @@ class ModuleHandler extends Handler
|
||||||
'svc' => '',
|
'svc' => '',
|
||||||
);
|
);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* List of HTTP methods that do not require CSRF checks by default.
|
||||||
|
*/
|
||||||
|
protected static $_nocsrf_methods = array(
|
||||||
|
'GET', 'HEAD', 'OPTIONS',
|
||||||
|
);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* prepares variables to use in moduleHandler
|
* prepares variables to use in moduleHandler
|
||||||
* @param string $module name of module
|
* @param string $module name of module
|
||||||
|
|
@ -377,7 +384,7 @@ class ModuleHandler extends Handler
|
||||||
}
|
}
|
||||||
|
|
||||||
// check CSRF for non-GET (POST, PUT, etc.) actions
|
// check CSRF for non-GET (POST, PUT, etc.) actions
|
||||||
if(Context::getRequestMethod() !== 'GET' && Context::isInstalled())
|
if(!in_array(Context::getRequestMethod(), self::$_nocsrf_methods) && Context::isInstalled())
|
||||||
{
|
{
|
||||||
if(isset($xml_info->action->{$this->act}) && $xml_info->action->{$this->act}->check_csrf !== 'false' && !checkCSRF())
|
if(isset($xml_info->action->{$this->act}) && $xml_info->action->{$this->act}->check_csrf !== 'false' && !checkCSRF())
|
||||||
{
|
{
|
||||||
|
|
@ -539,7 +546,7 @@ class ModuleHandler extends Handler
|
||||||
}
|
}
|
||||||
|
|
||||||
// check CSRF for non-GET (POST, PUT, etc.) actions
|
// check CSRF for non-GET (POST, PUT, etc.) actions
|
||||||
if(Context::getRequestMethod() !== 'GET' && Context::isInstalled())
|
if(!in_array(Context::getRequestMethod(), self::$_nocsrf_methods) && Context::isInstalled())
|
||||||
{
|
{
|
||||||
if($xml_info->action->{$this->act} && $xml_info->action->{$this->act}->check_csrf !== 'false' && !checkCSRF())
|
if($xml_info->action->{$this->act} && $xml_info->action->{$this->act}->check_csrf !== 'false' && !checkCSRF())
|
||||||
{
|
{
|
||||||
|
|
|
||||||
|
|
@ -180,7 +180,7 @@ class Router
|
||||||
}
|
}
|
||||||
|
|
||||||
// Try the list of routes defined by the module.
|
// Try the list of routes defined by the module.
|
||||||
foreach ($action_info->route->{$method} as $regexp => $action)
|
foreach ($action_info->route->{$method} ?? [] as $regexp => $action)
|
||||||
{
|
{
|
||||||
if (preg_match($regexp, $internal_url, $matches))
|
if (preg_match($regexp, $internal_url, $matches))
|
||||||
{
|
{
|
||||||
|
|
@ -199,7 +199,7 @@ class Router
|
||||||
if ($prefix_type === 'mid')
|
if ($prefix_type === 'mid')
|
||||||
{
|
{
|
||||||
$forwarded_routes = self::_getForwardedRoutes('internal');
|
$forwarded_routes = self::_getForwardedRoutes('internal');
|
||||||
foreach ($forwarded_routes[$method] ?: [] as $regexp => $action)
|
foreach ($forwarded_routes[$method] ?? [] as $regexp => $action)
|
||||||
{
|
{
|
||||||
if (preg_match($regexp, $internal_url, $matches))
|
if (preg_match($regexp, $internal_url, $matches))
|
||||||
{
|
{
|
||||||
|
|
@ -248,7 +248,7 @@ class Router
|
||||||
if ($rewrite_level >= 2)
|
if ($rewrite_level >= 2)
|
||||||
{
|
{
|
||||||
$global_routes = self::_getForwardedRoutes('global');
|
$global_routes = self::_getForwardedRoutes('global');
|
||||||
foreach ($global_routes[$method] ?: [] as $regexp => $action)
|
foreach ($global_routes[$method] ?? [] as $regexp => $action)
|
||||||
{
|
{
|
||||||
if (preg_match($regexp, $url, $matches))
|
if (preg_match($regexp, $url, $matches))
|
||||||
{
|
{
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue