From 6c671141982c5837a2e5bf1e90de389c728d5dee Mon Sep 17 00:00:00 2001
From: Brion Vibber <brion@pobox.com>
Date: Tue, 14 Dec 2010 16:14:15 -0800
Subject: [PATCH] Mark OembedAction, XrdAction, and (plugin) AutocompleteAction
 as read-only. Tweaked ApiStatusesShow and ApiTimelineUser to still claim
 read-only when hit with a HEAD request (usually link checkers or a precursor
 to a GET, and should be semantically equivalent to a GET without actually
 transferring data)

---
 actions/apistatusesshow.php           |  8 ++------
 actions/apitimelineuser.php           |  8 ++------
 actions/oembed.php                    | 11 +++++++++++
 lib/xrdaction.php                     | 12 ++++++++++++
 plugins/Autocomplete/autocomplete.php | 12 ++++++++++++
 5 files changed, 39 insertions(+), 12 deletions(-)

diff --git a/actions/apistatusesshow.php b/actions/apistatusesshow.php
index e684a07eec..80b0374a63 100644
--- a/actions/apistatusesshow.php
+++ b/actions/apistatusesshow.php
@@ -165,7 +165,7 @@ class ApiStatusesShowAction extends ApiPrivateAuthAction
     }
 
     /**
-     * Is this action read only?
+     * We expose AtomPub here, so non-GET/HEAD reqs must be read/write.
      *
      * @param array $args other arguments
      *
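Review bot: The rewritten summary line in this docblock gives the reason but no longer says what the method answers, and "non-GET/HEAD reqs must be read/write" can be read as a requirement on callers rather than a description of the return value. I would keep both halves, e.g. `* Is this action read only? Only for GET and HEAD; AtomPub writes arrive here via other methods.` The `@return` line sits outside the hunk, so check that it still matches. The same wording is introduced in the first hunk of actions/apitimelineuser.php.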
@@ -174,11 +174,7 @@ class ApiStatusesShowAction extends ApiPrivateAuthAction
     
     function isReadOnly($args)
     {
-        if ($_SERVER['REQUEST_METHOD'] == 'GET') {
-	    return true;
-	} else {
-	    return false;
-	}
+        return ($_SERVER['REQUEST_METHOD'] == 'GET' || $_SERVER['REQUEST_METHOD'] == 'HEAD');
     }
 
     /**
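Review bot: `isReadOnly()` now reports HEAD as read-only, but the handler that dispatches on the request method is outside this hunk; if it only recognises `'GET'` for the read path, a HEAD request would be classified read-only while taking a different branch. It is worth confirming that HEAD is routed to the same code as GET. As a style point, the superglobal is read twice and compared with loose `==`; an explicit allowlist keeps the fail-closed default (any unlisted method counts as read/write) and is easier to extend: `return in_array($_SERVER['REQUEST_METHOD'], array('GET', 'HEAD'), true);`. The second hunk of actions/apitimelineuser.php adds the identical line.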
diff --git a/actions/apitimelineuser.php b/actions/apitimelineuser.php
index 81809670b4..42988a00f6 100644
--- a/actions/apitimelineuser.php
+++ b/actions/apitimelineuser.php
@@ -235,7 +235,7 @@ class ApiTimelineUserAction extends ApiBareAuthAction
     }
 
     /**
-     * Is this action read only?
+     * We expose AtomPub here, so non-GET/HEAD reqs must be read/write.
      *
      * @param array $args other arguments
      *
@@ -244,11 +244,7 @@ class ApiTimelineUserAction extends ApiBareAuthAction
     
     function isReadOnly($args)
     {
-        if ($_SERVER['REQUEST_METHOD'] == 'GET') {
-	    return true;
-	} else {
-	    return false;
-	}
+        return ($_SERVER['REQUEST_METHOD'] == 'GET' || $_SERVER['REQUEST_METHOD'] == 'HEAD');
     }
 
     /**
diff --git a/actions/oembed.php b/actions/oembed.php
index 09d68a446e..bef707f92a 100644
--- a/actions/oembed.php
+++ b/actions/oembed.php
@@ -215,4 +215,15 @@ class OembedAction extends Action
         return;
     }
 
+    /**
+     * Is this action read-only?
+     *
+     * @param array $args other arguments
+     *
+     * @return boolean is read only action?
+     */
+    function isReadOnly($args)
+    {
+        return true;
+    }
 }
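Review bot: The added `isReadOnly()` returns `true` for every request method, whereas the API actions in this same commit treat anything other than GET/HEAD as read/write. The handler body is outside the hunk, so this relies on OembedAction never writing on any path, including a POST; a one-line reason in the docblock would make that assumption reviewable, e.g. `* This action only looks up and renders existing data, whatever the request method.`, if that is indeed the case. `$args` is unused, and `@return boolean is read only action?` could simply read `@return boolean always true`. The same applies to the identical methods added in lib/xrdaction.php and plugins/Autocomplete/autocomplete.php.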
diff --git a/lib/xrdaction.php b/lib/xrdaction.php
index 4377eab943..855ed1ea89 100644
--- a/lib/xrdaction.php
+++ b/lib/xrdaction.php
@@ -145,4 +145,16 @@ class XrdAction extends Action
 
         return (substr($uri, 0, 5) == 'acct:');
     }
+
+    /**
+     * Is this action read-only?
+     *
+     * @param array $args other arguments
+     *
+     * @return boolean is read only action?
+     */
+    function isReadOnly($args)
+    {
+        return true;
+    }
 }
diff --git a/plugins/Autocomplete/autocomplete.php b/plugins/Autocomplete/autocomplete.php
index c92002245f..e15e95ec19 100644
--- a/plugins/Autocomplete/autocomplete.php
+++ b/plugins/Autocomplete/autocomplete.php
@@ -165,4 +165,16 @@ class AutocompleteAction extends Action
             print json_encode($result) . "\n";
         }
     }
+
+    /**
+     * Is this action read-only?
+     *
+     * @param array $args other arguments
+     *
+     * @return boolean is read only action?
+     */
+    function isReadOnly($args)
+    {
+        return true;
+    }
 }
-- 
2.39.5