From d19cb0349c33582d94870e3061e82c47f5846668 Mon Sep 17 00:00:00 2001 From: Greg Edwards Date: Fri, 30 Dec 2016 21:33:51 -0700 Subject: [PATCH] Only override request methods via '_method' on POST. --- lib/src/rocket.rs | 2 +- lib/tests/form_method-issue-45.rs | 15 ++++++++++++++- 2 files changed, 15 insertions(+), 2 deletions(-) diff --git a/lib/src/rocket.rs b/lib/src/rocket.rs index a3d76233..cc989df9 100644 --- a/lib/src/rocket.rs +++ b/lib/src/rocket.rs @@ -141,7 +141,7 @@ impl Rocket { // field which we use to reinterpret the request's method. let data_len = data.peek().len(); let (min_len, max_len) = ("_method=get".len(), "_method=delete".len()); - if req.content_type().is_form() && data_len >= min_len { + if req.method() == Method::Post && req.content_type().is_form() && data_len >= min_len { let form = unsafe { from_utf8_unchecked(&data.peek()[..min(data_len, max_len)]) }; diff --git a/lib/tests/form_method-issue-45.rs b/lib/tests/form_method-issue-45.rs index d451d083..ef071feb 100644 --- a/lib/tests/form_method-issue-45.rs +++ b/lib/tests/form_method-issue-45.rs @@ -4,6 +4,7 @@ extern crate rocket; use rocket::request::Form; +use rocket::http::Status; #[derive(FromForm)] struct FormData { @@ -24,7 +25,7 @@ use rocket::http::ContentType; fn method_eval() { let rocket = rocket::ignite().mount("/", routes![bug]); - let mut req = MockRequest::new(Patch, "/") + let mut req = MockRequest::new(Post, "/") .header(ContentType::Form) .body("_method=patch&form_data=Form+data"); @@ -32,3 +33,15 @@ fn method_eval() { let body_str = response.body().and_then(|b| b.into_string()); assert_eq!(body_str, Some("OK".to_string())); } + +#[test] +fn get_passes_through() { + let rocket = rocket::ignite().mount("/", routes![bug]); + + let mut req = MockRequest::new(Get, "/") + .header(ContentType::Form) + .body("_method=patch&form_data=Form+data"); + + let mut response = req.dispatch_with(&rocket); + assert_eq!(response.status(), Status::NotFound); +}