summaryrefslogtreecommitdiffstats
path: root/lib
diff options
context:
space:
mode:
authorMorris Jobke <hey@morrisjobke.de>2015-08-31 14:58:48 +0200
committerMorris Jobke <hey@morrisjobke.de>2015-08-31 14:58:48 +0200
commitc34fbea1975517cfbb4779813fc6a805ab547c8f (patch)
tree97739ff8f239a3de48b0f887aa7830a86d883280 /lib
parent65784227d6460a9464b287cc698d3e0a54f6d0d3 (diff)
parente60c4bada151d9c3e0e3ebadf25b1c7d15a88aef (diff)
downloadnextcloud-server-c34fbea1975517cfbb4779813fc6a805ab547c8f.tar.gz
nextcloud-server-c34fbea1975517cfbb4779813fc6a805ab547c8f.zip
Merge pull request #18691 from owncloud/request-no-read
Decode request content only on getContent
Diffstat (limited to 'lib')
-rw-r--r--lib/private/appframework/http/request.php83
1 files changed, 49 insertions, 34 deletions
diff --git a/lib/private/appframework/http/request.php b/lib/private/appframework/http/request.php
index a2109439177..b430673f9a9 100644
--- a/lib/private/appframework/http/request.php
+++ b/lib/private/appframework/http/request.php
@@ -9,6 +9,7 @@
* @author Thomas Müller <thomas.mueller@tmit.eu>
* @author Thomas Tanghus <thomas@tanghus.net>
* @author Vincent Petry <pvince81@owncloud.com>
+ * @author Robin McCorkell <rmccorkell@owncloud.com>
*
* @copyright Copyright (c) 2015, ownCloud, Inc.
* @license AGPL-3.0
@@ -71,6 +72,9 @@ class Request implements \ArrayAccess, \Countable, IRequest {
/** @var ICrypto */
protected $crypto;
+ /** @var bool */
+ protected $contentDecoded = false;
+
/**
* @param array $vars An associative array with the following optional values:
* - array 'urlParams' the parameters which were matched from the URL
@@ -109,27 +113,6 @@ class Request implements \ArrayAccess, \Countable, IRequest {
: array();
}
- // 'application/json' must be decoded manually.
- if (strpos($this->getHeader('Content-Type'), 'application/json') !== false) {
- $params = json_decode(file_get_contents($this->inputStream), true);
- if(count($params) > 0) {
- $this->items['params'] = $params;
- if($vars['method'] === 'POST') {
- $this->items['post'] = $params;
- }
- }
- // Handle application/x-www-form-urlencoded for methods other than GET
- // or post correctly
- } elseif($vars['method'] !== 'GET'
- && $vars['method'] !== 'POST'
- && strpos($this->getHeader('Content-Type'), 'application/x-www-form-urlencoded') !== false) {
-
- parse_str(file_get_contents($this->inputStream), $params);
- if(is_array($params)) {
- $this->items['params'] = $params;
- }
- }
-
$this->items['parameters'] = array_merge(
$this->items['get'],
$this->items['post'],
@@ -237,24 +220,19 @@ class Request implements \ArrayAccess, \Countable, IRequest {
if($this->method !== strtoupper($name)) {
throw new \LogicException(sprintf('%s cannot be accessed in a %s request.', $name, $this->method));
}
+ return $this->getContent();
case 'files':
case 'server':
case 'env':
case 'cookies':
- case 'parameters':
- case 'params':
case 'urlParams':
- if(in_array($name, array('put', 'patch'))) {
- return $this->getContent();
- } else {
- return isset($this->items[$name])
- ? $this->items[$name]
- : null;
- }
- break;
case 'method':
- return $this->items['method'];
- break;
+ return isset($this->items[$name])
+ ? $this->items[$name]
+ : null;
+ case 'parameters':
+ case 'params':
+ return $this->getContent();
default;
return isset($this[$name])
? $this[$name]
@@ -396,11 +374,48 @@ class Request implements \ArrayAccess, \Countable, IRequest {
$this->content = false;
return fopen($this->inputStream, 'rb');
} else {
- return $this->parameters;
+ $this->decodeContent();
+ return $this->items['parameters'];
}
}
/**
+ * Attempt to decode the content and populate parameters
+ */
+ protected function decodeContent() {
+ if ($this->contentDecoded) {
+ return;
+ }
+ $params = [];
+
+ // 'application/json' must be decoded manually.
+ if (strpos($this->getHeader('Content-Type'), 'application/json') !== false) {
+ $params = json_decode(file_get_contents($this->inputStream), true);
+ if(count($params) > 0) {
+ $this->items['params'] = $params;
+ if($this->method === 'POST') {
+ $this->items['post'] = $params;
+ }
+ }
+
+ // Handle application/x-www-form-urlencoded for methods other than GET
+ // or post correctly
+ } elseif($this->method !== 'GET'
+ && $this->method !== 'POST'
+ && strpos($this->getHeader('Content-Type'), 'application/x-www-form-urlencoded') !== false) {
+
+ parse_str(file_get_contents($this->inputStream), $params);
+ if(is_array($params)) {
+ $this->items['params'] = $params;
+ }
+ }
+
+ $this->items['parameters'] = array_merge($this->items['parameters'], $params);
+ $this->contentDecoded = true;
+ }
+
+
+ /**
* Checks if the CSRF check was correct
* @return bool true if CSRF check passed
* @see OC_Util::callRegister()