commit b6b110c2e8f3d9b07229efbd8940c2deb45b1da9
parent 744c5f4bdb1dd9060a07ecb60d5f83ba6b2720bd
Author: Jan Dankert <develop@jandankert.de>
Date: Mon, 26 Oct 2020 16:56:47 +0100
POST requests should never be send to the UI. The API should be used for POST requests.
Diffstat:
1 file changed, 3 insertions(+), 0 deletions(-)
diff --git a/modules/cms/ui/UI.class.php b/modules/cms/ui/UI.class.php
@@ -47,6 +47,9 @@ class UI
$request->method = 'show';
}
+ if ( $request->isAction )
+ throw new \RuntimeException('The UI does not accept POST requests');
+
if ( in_array( $request->action,['index','tree','title']) )
$request->isUIAction = true;