On Monday, February 28, 2011 at 12:12 PM, Jordi Boggiano wrote: On 28.02.2011 17:41, Kris Wallsmith wrote: > > I've added support for the 405 Method Not Allowed response here: > > https://github.com/symfony/symfony/pull/128 > > > > As noted in the description, this patch changes how the URL matches so > > it either returns an array of parameters or throws an exception; it no > > longer returns false. The exception is either a NotFoundException or > > MethodNotAllowedException, the latter of which includes a > > getAllowedMethods() method to use for populating the response Allow header. > > Great! > > > Additionally, I've reverted Ryan's earlier patch that changed the syntax > > for defining a _method requirement so it is now either a string or array > > once again, no longer a case-insensitive regular expression. > > I don't agree with that one. Requirements are defined as regexes, and > having one of them behave differently is counter-intuitive. Given that > mostly everyone will just do stuff like "GET|POST" anyway, I don't think > it hinders the display of the exception message. According to the the HTTP spec, a 405 response "MUST include an Allow header containing a list of valid methods for the requested resource." This is not be possible if the requirement is a regular expression. Furthermore, _method was already a special requirement because it was case-insensitive, while all others are case-sensitive.
http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.6 Kris > > I have not looked at what it will take to implement 405 support in the > > Apache classes yet. > > You can use: > > RewriteRule .* app.php [R=405,L] > > But I think in this case it'll still call app.php, which is not ideal. > > The only other way I believe is: > > RewriteRule .* app.php [F,L] > > Which will return a 403 immediately, but of course that's not a 405. > > Cheers > > -- > Jordi Boggiano > @seldaek :: http://seld.be/ > > -- > If you want to report a vulnerability issue on symfony, please send it to > security at symfony-project.com > > You received this message because you are subscribed to the Google > Groups "symfony developers" group. > To post to this group, send email to [email protected] > To unsubscribe from this group, send email to > [email protected] > For more options, visit this group at > http://groups.google.com/group/symfony-devs?hl=en > -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/symfony-devs?hl=en
