diff options
author | David Lawrence <dkl@mozilla.com> | 2015-04-10 17:34:53 +0200 |
---|---|---|
committer | David Lawrence <dkl@mozilla.com> | 2015-04-10 17:34:53 +0200 |
commit | 06da34e74687de919804c87c8d5e15edbc570522 (patch) | |
tree | ae0e238bda004bc4ba2ff87bed0f438f12325546 /Bugzilla/API/1_0 | |
parent | a6d74986bd7b96aa41624ed407a46f7f63eadd55 (diff) | |
download | bugzilla-06da34e74687de919804c87c8d5e15edbc570522.tar.gz bugzilla-06da34e74687de919804c87c8d5e15edbc570522.tar.xz |
Bug 1051056: The REST API needs to be versioned so that new changes can be made that do not break compatibility
- Fix issue where PUT requests were treated as GET and failed when updating a bug, etc.
Diffstat (limited to 'Bugzilla/API/1_0')
-rw-r--r-- | Bugzilla/API/1_0/Server.pm | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/Bugzilla/API/1_0/Server.pm b/Bugzilla/API/1_0/Server.pm index 6136440cf..108c25e27 100644 --- a/Bugzilla/API/1_0/Server.pm +++ b/Bugzilla/API/1_0/Server.pm @@ -260,7 +260,8 @@ sub _params_check { } } - if ($self->request->method eq 'POST') { + if ($self->request->method eq 'POST' + || $self->request->method eq 'PUT') { # CSRF is possible via XMLHttpRequest when the Content-Type header # is not application/json (for example: text/plain or # application/x-www-form-urlencoded). |