If a GET piwik.php is done without any parameter, still return a HTTP 200 #7858
Conversation
tsteur
added
not-in-changelog
|
|
||
| return strtoupper($requestMethod) === 'GET'; | ||
| } | ||
|
|
There was a problem hiding this comment.
Maybe it would make sense to extract that somewhere global and to reuse it whereever the request method is checked like https://github.com/piwik/piwik/blob/master/core/Tracker.php#L244-L248 or https://github.com/piwik/piwik/blob/master/plugins/Annotations/Controller.php#L109 and so on
There was a problem hiding this comment.
I thought about this as well but noticed there were no other checks for GET. There were 2 or 3 more cases where a check for POST was done though. The code for this was already in that class anyway so it didn't make anything worse and was ok for me to reuse that existing bit for what we want to achieve. A new class or lib for this would certainly make sense but also requires quite a bit of work (investigating for a good lib to use etc). If we ever use another HTTP client lib it might come out of the box with it etc. Currently, I don't think it's worth the effort or the time spent is better somewhere else but can do if you think so.
There was a problem hiding this comment.
I agree you shouldn't bother with that in the PR. Probably later PSR-7 would stand up as the obvious solution (the PSR will be accepted soon).
|
Besides the small comment - Looks good |
|
👍 |
If a GET piwik.php is done without any parameter, still return a HTTP 200
|
Hello, why is a HEAD-request not allowed? |
As soon as it is not a HTTP GET or if there are any parameters given etc we will still return a HTTP 400 do indicate we did actually not track anything
refs #7850