[Checkins] SVN: keas.kmi/trunk/src/keas/kmi/ Disallow GET requests on /new.
Marius Gedminas
marius at pov.lt
Thu Sep 4 16:45:47 EDT 2008
Log message for revision 90837:
Disallow GET requests on /new.
Having a GET request create a new object in the DB violates the spirit of HTTP.
Changed:
U keas.kmi/trunk/src/keas/kmi/README.txt
U keas.kmi/trunk/src/keas/kmi/rest.py
-=-
Modified: keas.kmi/trunk/src/keas/kmi/README.txt
===================================================================
--- keas.kmi/trunk/src/keas/kmi/README.txt 2008-09-04 20:40:34 UTC (rev 90836)
+++ keas.kmi/trunk/src/keas/kmi/README.txt 2008-09-04 20:45:46 UTC (rev 90837)
@@ -216,7 +216,7 @@
>>> from zope.publisher.browser import TestRequest
>>> request = TestRequest()
- >>> request.method = 'GET'
+ >>> request.method = 'POST'
>>> newCall = rest.NewView(keys, request)
>>> key3 = newCall()
@@ -225,14 +225,6 @@
...
-----END RSA PRIVATE KEY-----
-You can also use post for the new key:
-
- >>> request.method = 'POST'
- >>> print newCall()
- -----BEGIN RSA PRIVATE KEY-----
- ...
- -----END RSA PRIVATE KEY-----
-
The key is available in the facility of course:
>>> hash = md5.new()
Modified: keas.kmi/trunk/src/keas/kmi/rest.py
===================================================================
--- keas.kmi/trunk/src/keas/kmi/rest.py 2008-09-04 20:40:34 UTC (rev 90836)
+++ keas.kmi/trunk/src/keas/kmi/rest.py 2008-09-04 20:45:46 UTC (rev 90837)
@@ -28,12 +28,10 @@
class NewView(RestView):
- def GET(self):
+ def POST(self):
self.request.response.setHeader('content-type', 'text/plain')
return self.context.generate()
- POST = GET
-
class KeyView(RestView):
def POST(self):
More information about the Checkins
mailing list