You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It's not interpreting the request as a GET request; it's instead matching a query string argument (which can occur with ANY URI, not just those sent via GET).
I'm not sure why we check for the identifier in the query string arguments, to be honest; we likely shouldn't. However, to change that at this time would break backwards compatibility.
Can you answer a couple questions for me, please, so we can better evaluate your concerns?
Why are you sending the identifier using a query string argument in the first place?
What problems are you observing due to the current behavior, exactly?
https://github.com/zfcampus/zf-mvc-auth/blob/25dca76fbe9017165dbe2c2dc7ac51146ea6149d/src/Authorization/DefaultResourceResolverListener.php#L126
This method can not identifier request type for authorization check.
I have REST service
Allowed methods is
COLLECTION -> GET
ENTIITY-> PUT
for authorization I have this configs
but when I'm sending request like this
zf auth think that this is ENTITY-> GET.
because of on line 137 you are checking also if identifier exist in query parameters
Originally posted by @newdevonair at zfcampus/zf-mvc-auth#144
The text was updated successfully, but these errors were encountered: