New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
If a GET piwik.php is done without any parameter, still return a HTTP 200 #7858
Conversation
|
||
return strtoupper($requestMethod) === 'GET'; | ||
} | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe it would make sense to extract that somewhere global and to reuse it whereever the request method is checked like https://github.com/piwik/piwik/blob/master/core/Tracker.php#L244-L248 or https://github.com/piwik/piwik/blob/master/plugins/Annotations/Controller.php#L109 and so on
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I thought about this as well but noticed there were no other checks for GET
. There were 2 or 3 more cases where a check for POST
was done though. The code for this was already in that class anyway so it didn't make anything worse and was ok for me to reuse that existing bit for what we want to achieve. A new class or lib for this would certainly make sense but also requires quite a bit of work (investigating for a good lib to use etc). If we ever use another HTTP client lib it might come out of the box with it etc. Currently, I don't think it's worth the effort or the time spent is better somewhere else but can do if you think so.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I agree you shouldn't bother with that in the PR. Probably later PSR-7 would stand up as the obvious solution (the PSR will be accepted soon).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
sounds good!
Besides the small comment - Looks good |
👍 |
If a GET piwik.php is done without any parameter, still return a HTTP 200
Hello, why is a HEAD-request not allowed? |
As soon as it is not a HTTP GET or if there are any parameters given etc we will still return a HTTP 400 do indicate we did actually not track anything
refs #7850