From: Brion Vibber <brion@pobox.com>
Date: Wed, 15 Dec 2010 00:14:15 +0000 (-0800)
Subject: Mark OembedAction, XrdAction, and (plugin) AutocompleteAction as read-only. Tweaked... 
X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=6c671141982c5837a2e5bf1e90de389c728d5dee;p=quix0rs-gnu-social.git

Mark OembedAction, XrdAction, and (plugin) AutocompleteAction as read-only. Tweaked ApiStatusesShow and ApiTimelineUser to still claim read-only when hit with a HEAD request (usually link checkers or a precursor to a GET, and should be semantically equivalent to a GET without actually transferring data)
---

diff --git a/actions/apistatusesshow.php b/actions/apistatusesshow.php
index e684a07eec..80b0374a63 100644
--- a/actions/apistatusesshow.php
+++ b/actions/apistatusesshow.php
@@ -165,7 +165,7 @@ class ApiStatusesShowAction extends ApiPrivateAuthAction
     }
 
     /**
-     * Is this action read only?
+     * We expose AtomPub here, so non-GET/HEAD reqs must be read/write.
      *
      * @param array $args other arguments
      *
@@ -174,11 +174,7 @@ class ApiStatusesShowAction extends ApiPrivateAuthAction
     
     function isReadOnly($args)
     {
-        if ($_SERVER['REQUEST_METHOD'] == 'GET') {
-	    return true;
-	} else {
-	    return false;
-	}
+        return ($_SERVER['REQUEST_METHOD'] == 'GET' || $_SERVER['REQUEST_METHOD'] == 'HEAD');
     }
 
     /**
diff --git a/actions/apitimelineuser.php b/actions/apitimelineuser.php
index 81809670b4..42988a00f6 100644
--- a/actions/apitimelineuser.php
+++ b/actions/apitimelineuser.php
@@ -235,7 +235,7 @@ class ApiTimelineUserAction extends ApiBareAuthAction
     }
 
     /**
-     * Is this action read only?
+     * We expose AtomPub here, so non-GET/HEAD reqs must be read/write.
      *
      * @param array $args other arguments
      *
@@ -244,11 +244,7 @@ class ApiTimelineUserAction extends ApiBareAuthAction
     
     function isReadOnly($args)
     {
-        if ($_SERVER['REQUEST_METHOD'] == 'GET') {
-	    return true;
-	} else {
-	    return false;
-	}
+        return ($_SERVER['REQUEST_METHOD'] == 'GET' || $_SERVER['REQUEST_METHOD'] == 'HEAD');
     }
 
     /**
diff --git a/actions/oembed.php b/actions/oembed.php
index 09d68a446e..bef707f92a 100644
--- a/actions/oembed.php
+++ b/actions/oembed.php
@@ -215,4 +215,15 @@ class OembedAction extends Action
         return;
     }
 
+    /**
+     * Is this action read-only?
+     *
+     * @param array $args other arguments
+     *
+     * @return boolean is read only action?
+     */
+    function isReadOnly($args)
+    {
+        return true;
+    }
 }
diff --git a/lib/xrdaction.php b/lib/xrdaction.php
index 4377eab943..855ed1ea89 100644
--- a/lib/xrdaction.php
+++ b/lib/xrdaction.php
@@ -145,4 +145,16 @@ class XrdAction extends Action
 
         return (substr($uri, 0, 5) == 'acct:');
     }
+
+    /**
+     * Is this action read-only?
+     *
+     * @param array $args other arguments
+     *
+     * @return boolean is read only action?
+     */
+    function isReadOnly($args)
+    {
+        return true;
+    }
 }
diff --git a/plugins/Autocomplete/autocomplete.php b/plugins/Autocomplete/autocomplete.php
index c92002245f..e15e95ec19 100644
--- a/plugins/Autocomplete/autocomplete.php
+++ b/plugins/Autocomplete/autocomplete.php
@@ -165,4 +165,16 @@ class AutocompleteAction extends Action
             print json_encode($result) . "\n";
         }
     }
+
+    /**
+     * Is this action read-only?
+     *
+     * @param array $args other arguments
+     *
+     * @return boolean is read only action?
+     */
+    function isReadOnly($args)
+    {
+        return true;
+    }
 }