authorEvan Prodromou <evan@status.net>2010-12-15 16:48:28 -0500
committerEvan Prodromou <evan@status.net>2010-12-15 16:48:28 -0500
commite16cb8c03a4490fd3db33f1429ccdce65acfdc18 (patch)
treec3bbcd74d9cf64b6c494a41809263fbc6d9e4fd9 /actions
parentd840578aa0ad6284f57591aae87f87865905db3c (diff)
parent0330bad688e902df7c4a6f0db7faed52b9ccfbcb (diff)
Merge branch '0.9.x' into righttoleave
Diffstat (limited to 'actions')
-rw-r--r--actions/apistatusesshow.php8
-rw-r--r--actions/apitimelineuser.php19
-rw-r--r--actions/oembed.php11
3 files changed, 24 insertions, 14 deletions
diff --git a/actions/apistatusesshow.php b/actions/apistatusesshow.php
index e684a07ee..80b0374a6 100644
--- a/actions/apistatusesshow.php
+++ b/actions/apistatusesshow.php
@@ -165,7 +165,7 @@ class ApiStatusesShowAction extends ApiPrivateAuthAction
}
/**
- * Is this action read only?
+ * We expose AtomPub here, so non-GET/HEAD reqs must be read/write.
*
* @param array $args other arguments
*
@@ -174,11 +174,7 @@ class ApiStatusesShowAction extends ApiPrivateAuthAction
function isReadOnly($args)
{
- if ($_SERVER['REQUEST_METHOD'] == 'GET') {
- return true;
- } else {
- return false;
- }
+ return ($_SERVER['REQUEST_METHOD'] == 'GET' || $_SERVER['REQUEST_METHOD'] == 'HEAD');
}
/**
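Review bot: The new return in `isReadOnly()` compares with loose `==` and reads `$_SERVER['REQUEST_METHOD']` twice. A strict allow-list is easier to audit and keeps the default of treating every other method as read/write: `return in_array($_SERVER['REQUEST_METHOD'], array('GET', 'HEAD'), true);`. The identical line is added in actions/apitimelineuser.php in the hunk at `@@ -244,11 +244,7 @@`, so the same suggestion applies there. The docblock for this function starts outside the hunk.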
diff --git a/actions/apitimelineuser.php b/actions/apitimelineuser.php
index d90507aa4..42988a00f 100644
--- a/actions/apitimelineuser.php
+++ b/actions/apitimelineuser.php
@@ -235,7 +235,7 @@ class ApiTimelineUserAction extends ApiBareAuthAction
}
/**
- * Is this action read only?
+ * We expose AtomPub here, so non-GET/HEAD reqs must be read/write.
*
* @param array $args other arguments
*
@@ -244,11 +244,7 @@ class ApiTimelineUserAction extends ApiBareAuthAction
function isReadOnly($args)
{
- if ($_SERVER['REQUEST_METHOD'] == 'GET') {
- return true;
- } else {
- return false;
- }
+ return ($_SERVER['REQUEST_METHOD'] == 'GET' || $_SERVER['REQUEST_METHOD'] == 'HEAD');
}
/**
@@ -309,9 +305,15 @@ class ApiTimelineUserAction extends ApiBareAuthAction
return;
}
- $xml = file_get_contents('php://input');
+ $xml = trim(file_get_contents('php://input'));
+ if (empty($xml)) {
+ $this->clientError(_('Atom post must not be empty.'));
+ }
$dom = DOMDocument::loadXML($xml);
+ if (!$dom) {
+ $this->clientError(_('Atom post must be well-formed XML.'));
+ }
if ($dom->documentElement->namespaceURI != Activity::ATOM ||
$dom->documentElement->localName != 'entry') {
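Review bot: The request body is still passed to `DOMDocument::loadXML($xml)` with default parser options, so a client-supplied DOCTYPE is processed. Depending on the libxml2 build, that can allow external entity fetches or entity-expansion blow-up on this endpoint. Calling `libxml_disable_entity_loader(true);` before the parse (restoring the previous value afterwards) and passing `LIBXML_NONET` as the options argument would close that off; rejecting any document that carries a doctype is stricter still. Separately, neither new `clientError()` branch is followed by `return;`, while the branch at the top of the hunk is, so if `clientError()` returns rather than throwing, an empty body still reaches the parser and a failed parse still reaches `$dom->documentElement`. The enclosing method starts and ends outside the hunk.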
@@ -349,7 +351,8 @@ class ApiTimelineUserAction extends ApiBareAuthAction
}
if (!empty($saved)) {
- header("Location: " . common_local_url('ApiStatusesShow', array('notice_id' => $saved->id,
+ header('HTTP/1.1 201 Created');
+ header("Location: " . common_local_url('ApiStatusesShow', array('id' => $saved->id,
'format' => 'atom')));
$this->showSingleAtomStatus($saved);
}
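Review bot: The 201 status and `Location` header are sent only inside `if (!empty($saved))`, and no branch is visible for the case where the save produced nothing. If nothing follows the closing brace (the rest of the method is outside the hunk), the client would get an empty success response for an entry that was not stored. An explicit failure branch such as `} else { $this->serverError(_('Could not save the posted entry.')); }` would make that outcome visible to the client and in the logs.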
diff --git a/actions/oembed.php b/actions/oembed.php
index 09d68a446..bef707f92 100644
--- a/actions/oembed.php
+++ b/actions/oembed.php
@@ -215,4 +215,15 @@ class OembedAction extends Action
return;
}
+ /**
+ * Is this action read-only?
+ *
+ * @param array $args other arguments
+ *
+ * @return boolean is read only action?
+ */
+ function isReadOnly($args)
+ {
+ return true;
+ }
}
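Review bot: `OembedAction::isReadOnly()` returns `true` for every request method, unlike the two API actions changed in this commit, and its docblock only restates the method name. That is safe only as long as the handler never writes, which this hunk does not show. A short comment in the body, such as `// oEmbed only serves embed data and never modifies state, whatever the method.`, would record the assumption for whoever later adds a write path. `$args` is unused here, presumably because the parent signature requires it.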