kenmirrors/firefly-iii
1
0
Fork 0
mirror of https://github.com/firefly-iii/firefly-iii.git synced 2025-09-29 02:57:45 +00:00
Code Issues Projects Releases Wiki Activity

Fix #9876

Browse Source
This commit is contained in:
James Cole
2025-03-09 10:35:12 +01:00
parent b60021e0ce
commit a8e1c22c93
2 changed files with 14 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
app/Http/Middleware/AcceptHeaders.php
View File

@@ -50,13 +50,19 @@ class AcceptHeaders
throw new BadHttpHeaderException(sprintf('Accept header "%s" is not something this server can provide.', $request->header('Accept')));
}
// if bad 'Content-Type' header, refuse service.
if (('POST' === $method || 'PUT' === $method) && !$request->hasHeader('Content-Type')) {
// some routes are exempt from this.
$exempt = [
'api.v1.data.bulk.transactions'
];
if (('POST' === $method || 'PUT' === $method) && !$request->hasHeader('Content-Type') && !in_array($request->route()->getName(), $exempt, true)) {
$error = new BadHttpHeaderException('Content-Type header cannot be empty.');
$error->statusCode = 415;
throw $error;
}
if (('POST' === $method || 'PUT' === $method) && !$this->acceptsHeader($submitted, $contentTypes)) {
if (('POST' === $method || 'PUT' === $method) && !$this->acceptsHeader($submitted, $contentTypes) && !in_array($request->route()->getName(), $exempt, true)) {
$error = new BadHttpHeaderException(sprintf('Content-Type cannot be "%s"', $submitted));
$error->statusCode = 415;