diff options
author | Brion Vibber <brion@pobox.com> | 2010-12-14 16:14:15 -0800 |
---|---|---|
committer | Brion Vibber <brion@pobox.com> | 2010-12-14 16:14:15 -0800 |
commit | 6c671141982c5837a2e5bf1e90de389c728d5dee (patch) | |
tree | cbeb94f9817098fa48deded72a0165b2639e939e | |
parent | 2ed1e9b126baa3d09cb41b1c4ea4016ae4f89936 (diff) |
Mark OembedAction, XrdAction, and (plugin) AutocompleteAction as read-only. Tweaked ApiStatusesShow and ApiTimelineUser to still claim read-only when hit with a HEAD request (usually link checkers or a precursor to a GET, and should be semantically equivalent to a GET without actually transferring data)
-rw-r--r-- | actions/apistatusesshow.php | 8 | ||||
-rw-r--r-- | actions/apitimelineuser.php | 8 | ||||
-rw-r--r-- | actions/oembed.php | 11 | ||||
-rw-r--r-- | lib/xrdaction.php | 12 | ||||
-rw-r--r-- | plugins/Autocomplete/autocomplete.php | 12 |
5 files changed, 39 insertions, 12 deletions
diff --git a/actions/apistatusesshow.php b/actions/apistatusesshow.php index e684a07ee..80b0374a6 100644 --- a/actions/apistatusesshow.php +++ b/actions/apistatusesshow.php @@ -165,7 +165,7 @@ class ApiStatusesShowAction extends ApiPrivateAuthAction } /** - * Is this action read only? + * We expose AtomPub here, so non-GET/HEAD reqs must be read/write. * * @param array $args other arguments * @@ -174,11 +174,7 @@ class ApiStatusesShowAction extends ApiPrivateAuthAction function isReadOnly($args) { - if ($_SERVER['REQUEST_METHOD'] == 'GET') { - return true; - } else { - return false; - } + return ($_SERVER['REQUEST_METHOD'] == 'GET' || $_SERVER['REQUEST_METHOD'] == 'HEAD'); } /** diff --git a/actions/apitimelineuser.php b/actions/apitimelineuser.php index 81809670b..42988a00f 100644 --- a/actions/apitimelineuser.php +++ b/actions/apitimelineuser.php @@ -235,7 +235,7 @@ class ApiTimelineUserAction extends ApiBareAuthAction } /** - * Is this action read only? + * We expose AtomPub here, so non-GET/HEAD reqs must be read/write. * * @param array $args other arguments * @@ -244,11 +244,7 @@ class ApiTimelineUserAction extends ApiBareAuthAction function isReadOnly($args) { - if ($_SERVER['REQUEST_METHOD'] == 'GET') { - return true; - } else { - return false; - } + return ($_SERVER['REQUEST_METHOD'] == 'GET' || $_SERVER['REQUEST_METHOD'] == 'HEAD'); } /** diff --git a/actions/oembed.php b/actions/oembed.php index 09d68a446..bef707f92 100644 --- a/actions/oembed.php +++ b/actions/oembed.php @@ -215,4 +215,15 @@ class OembedAction extends Action return; } + /** + * Is this action read-only? + * + * @param array $args other arguments + * + * @return boolean is read only action? + */ + function isReadOnly($args) + { + return true; + } } diff --git a/lib/xrdaction.php b/lib/xrdaction.php index 4377eab94..855ed1ea8 100644 --- a/lib/xrdaction.php +++ b/lib/xrdaction.php @@ -145,4 +145,16 @@ class XrdAction extends Action return (substr($uri, 0, 5) == 'acct:'); } + + /** + * Is this action read-only? + * + * @param array $args other arguments + * + * @return boolean is read only action? + */ + function isReadOnly($args) + { + return true; + } } diff --git a/plugins/Autocomplete/autocomplete.php b/plugins/Autocomplete/autocomplete.php index c92002245..e15e95ec1 100644 --- a/plugins/Autocomplete/autocomplete.php +++ b/plugins/Autocomplete/autocomplete.php @@ -165,4 +165,16 @@ class AutocompleteAction extends Action print json_encode($result) . "\n"; } } + + /** + * Is this action read-only? + * + * @param array $args other arguments + * + * @return boolean is read only action? + */ + function isReadOnly($args) + { + return true; + } } |