Long-standing misfeature: staticdir/file should only answer to GET/HEAD.

author: Robert Brewer <fumanchu@aminus.org> 2009-02-25 17:33:28 +0000
committer: Robert Brewer <fumanchu@aminus.org> 2009-02-25 17:33:28 +0000
commit: ddcd8810e217aa437162dd860173ff9ee4a146fc (patch)
tree: e9aafdb4e07b723acf4b92ab2a45a681b16942e8 /cherrypy/lib/static.py
parent: 8e901ab2b97f2aaa8cbcafb2632addc2096ae7fe (diff)
download: cherrypy-git-ddcd8810e217aa437162dd860173ff9ee4a146fc.tar.gz
1 files changed, 6 insertions, 0 deletions
diff --git a/cherrypy/lib/static.py b/cherrypy/lib/static.py
index e9461200..bdd99364 100644
--- a/cherrypy/lib/static.py
+++ b/cherrypy/lib/static.py
@@ -166,6 +166,9 @@ def staticdir(section, dir, root="", match="", content_types=None, index=""):
     '/home/me', the Request-URI is 'myapp', and the index arg is
     'index.html', the file '/home/me/myapp/index.html' will be sought.
     """
+    if cherrypy.request.method not in ('GET', 'HEAD'):
+        return False
+    
     if match and not re.search(match, cherrypy.request.path_info):
         return False
     
@@ -216,6 +219,9 @@ def staticfile(filename, root=None, match="", content_types=None):
     a string (e.g. "gif") and 'content-type' is the value to write
     out in the Content-Type response header (e.g. "image/gif").
     """
+    if cherrypy.request.method not in ('GET', 'HEAD'):
+        return False
+    
     if match and not re.search(match, cherrypy.request.path_info):
         return False
author	Robert Brewer <fumanchu@aminus.org>	2009-02-25 17:33:28 +0000
committer	Robert Brewer <fumanchu@aminus.org>	2009-02-25 17:33:28 +0000
commit	ddcd8810e217aa437162dd860173ff9ee4a146fc (patch)
tree	e9aafdb4e07b723acf4b92ab2a45a681b16942e8 /cherrypy/lib/static.py
parent	8e901ab2b97f2aaa8cbcafb2632addc2096ae7fe (diff)
download	cherrypy-git-ddcd8810e217aa437162dd860173ff9ee4a146fc.tar.gz