From 0a9bc591e78382b221ef5c2f463bac90564b9982 Mon Sep 17 00:00:00 2001 From: Rick Olson Date: Thu, 29 Nov 2007 02:08:51 +0000 Subject: Raise UnknownHttpMethod exception for unknown HTTP methods. Closes #10303 [tarmo] git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8235 5ecf4fe2-1ee6-0310-87b1-e25e094e27de --- actionpack/lib/action_controller/base.rb | 2 ++ actionpack/lib/action_controller/request.rb | 33 ++++++++++++++++++----------- 2 files changed, 23 insertions(+), 12 deletions(-) (limited to 'actionpack/lib/action_controller') diff --git a/actionpack/lib/action_controller/base.rb b/actionpack/lib/action_controller/base.rb index 3193362fc8..b9fd25aa8f 100755 --- a/actionpack/lib/action_controller/base.rb +++ b/actionpack/lib/action_controller/base.rb @@ -85,6 +85,8 @@ module ActionController #:nodoc: end end + class UnknownHttpMethod < ActionControllerError #:nodoc: + end # Action Controllers are the core of a web request in Rails. They are made up of one or more actions that are executed # on request and then either render a template or redirect to another action. An action is defined as a public method diff --git a/actionpack/lib/action_controller/request.rb b/actionpack/lib/action_controller/request.rb index 2926ead13a..2e63180f80 100755 --- a/actionpack/lib/action_controller/request.rb +++ b/actionpack/lib/action_controller/request.rb @@ -3,6 +3,9 @@ require 'stringio' require 'strscan' module ActionController + # HTTP methods which are accepted by default. + ACCEPTED_HTTP_METHODS = Set.new(%w( get head put post delete )) + # CgiRequest and TestRequest provide concrete implementations. class AbstractRequest cattr_accessor :relative_url_root @@ -12,18 +15,24 @@ module ActionController # such as { 'RAILS_ENV' => 'production' }. attr_reader :env + # The true HTTP request method as a lowercase symbol, such as :get. + # UnknownHttpMethod is raised for invalid methods not listed in ACCEPTED_HTTP_METHODS. + def request_method + @request_method ||= begin + method = ((@env['REQUEST_METHOD'] == 'POST' && !parameters[:_method].blank?) ? parameters[:_method].to_s : @env['REQUEST_METHOD']).downcase + if ACCEPTED_HTTP_METHODS.include?(method) + method.to_sym + else + raise UnknownHttpMethod, "#{method}, accepted HTTP methods are #{ACCEPTED_HTTP_METHODS.to_a.to_sentence}" + end + end + end + # The HTTP request method as a lowercase symbol, such as :get. # Note, HEAD is returned as :get since the two are functionally # equivalent from the application's perspective. def method - @request_method ||= - if @env['REQUEST_METHOD'] == 'POST' && !parameters[:_method].blank? - parameters[:_method].to_s.downcase.to_sym - else - @env['REQUEST_METHOD'].downcase.to_sym - end - - @request_method == :head ? :get : @request_method + request_method == :head ? :get : request_method end # Is this a GET (or HEAD) request? Equivalent to request.method == :get @@ -33,23 +42,23 @@ module ActionController # Is this a POST request? Equivalent to request.method == :post def post? - method == :post + request_method == :post end # Is this a PUT request? Equivalent to request.method == :put def put? - method == :put + request_method == :put end # Is this a DELETE request? Equivalent to request.method == :delete def delete? - method == :delete + request_method == :delete end # Is this a HEAD request? request.method sees HEAD as :get, so check the # HTTP method directly. def head? - @env['REQUEST_METHOD'].downcase.to_sym == :head + request_method == :head end def headers -- cgit v1.2.3