New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow all valid HTTP methods #2156
Comments
Here is a pull request to add LINK/UNLINK |
See comment on PR. A closed list of methods doesn't make sense, so we need to fix it properly. |
Rob suggested rewriting validateMethod() to use a regex along these lines: https://regex101.com/r/f80dzN/2 |
That regular expression ( The method in the Request Line is defined in section 3.1.1.:
Token is defined in section 3.2.6.:
( The correct regex is: |
I'm not going to disagree :) |
Looking it up, Diactoros uses
(https://github.com/zendframework/zend-diactoros/blob/master/src/RequestTrait.php#L303) |
@akrabat you will want to use double-backtick to encapsulate inline code that includes a backtick itself. Other then the slight reorder and exchanging the POSIX |
@Zegnat I agree. Would love a PR :) |
@akrabat against 3.x or 4.x? |
It's a bug fix, so 3.x & we'll forward port to 4.x |
I’ll see if I can get you a regular expression based PR by today then! |
👍 Don't forget the tests! |
I am running into some scheduling conflicts and haven’t gotten around to working on this much. For the current 3.x branch, the following patch should be enough, but someone would still need to fix the tests: --- Slim/Http/Request.php
+++ Slim/Http/Request.php
@@ -111,23 +111,6 @@ class Request extends Message implements ServerRequestInterface
protected $uploadedFiles;
/**
- * Valid request methods
- *
- * @var string[]
- */
- protected $validMethods = [
- 'CONNECT' => 1,
- 'DELETE' => 1,
- 'GET' => 1,
- 'HEAD' => 1,
- 'OPTIONS' => 1,
- 'PATCH' => 1,
- 'POST' => 1,
- 'PUT' => 1,
- 'TRACE' => 1,
- ];
-
- /**
* Create new HTTP request with data extracted from the application
* Environment object
*
@@ -349,7 +332,7 @@ class Request extends Message implements ServerRequestInterface
}
$method = strtoupper($method);
- if (!isset($this->validMethods[$method])) {
+ if (preg_match("/^[!#$%&'*+.^_`|~0-9a-z-]+$/i", $method) !== 1) {
throw new InvalidMethodException($this, $method);
} If someone wants to pick this up before I have time again: please. |
Just wondering if we should PR this to 3.x. Isn't a BC break? |
@mathmarques it's kinda a bug fix though |
@geggleto |
Please provide two PRs: one for 3.x and one for 4.x The 3.x one keeps |
As allowed HTTP methods are defined in the protected
$validMethods
in the Request class, HTTP methods likeLINK
andUNLINK
are not supported.The proposed solution is to extend the
Request
class to add these methods. Wouldn't it be easier to have a setter function in theRequest
class or a function to append other HTTP methods to the$validMethods
?#2005
The text was updated successfully, but these errors were encountered: