From 8d04a7c29fcf4d0bed781de39c6d823969c20421 Mon Sep 17 00:00:00 2001 From: Athou Date: Thu, 18 Apr 2013 09:28:18 +0200 Subject: [PATCH] use POST for operations that modify data --- .../frontend/rest/resources/AdminREST.java | 2 +- .../frontend/rest/resources/EntriesREST.java | 7 ++++--- .../rest/resources/SubscriptionsREST.java | 12 ++++++------ src/main/webapp/js/services.js | 16 ++++++++-------- 4 files changed, 19 insertions(+), 18 deletions(-) diff --git a/src/main/java/com/commafeed/frontend/rest/resources/AdminREST.java b/src/main/java/com/commafeed/frontend/rest/resources/AdminREST.java index b3c34385..664c6f6d 100644 --- a/src/main/java/com/commafeed/frontend/rest/resources/AdminREST.java +++ b/src/main/java/com/commafeed/frontend/rest/resources/AdminREST.java @@ -135,7 +135,7 @@ public class AdminREST extends AbstractResourceREST { } @Path("/users/delete") - @GET + @POST @ApiOperation(value = "Delete a user", notes = "Delete a user, and all his subscriptions") public Response delete( @ApiParam(value = "user id", required = true) @QueryParam("id") Long id) { diff --git a/src/main/java/com/commafeed/frontend/rest/resources/EntriesREST.java b/src/main/java/com/commafeed/frontend/rest/resources/EntriesREST.java index a274d087..7991c743 100644 --- a/src/main/java/com/commafeed/frontend/rest/resources/EntriesREST.java +++ b/src/main/java/com/commafeed/frontend/rest/resources/EntriesREST.java @@ -6,6 +6,7 @@ import java.util.List; import javax.ws.rs.DefaultValue; import javax.ws.rs.GET; +import javax.ws.rs.POST; import javax.ws.rs.Path; import javax.ws.rs.QueryParam; import javax.ws.rs.core.Response; @@ -142,7 +143,7 @@ public class EntriesREST extends AbstractResourceREST { } @Path("/entry/mark") - @GET + @POST @ApiOperation(value = "Mark a feed entry", notes = "Mark a feed entry as read/unread") public Response markFeedEntry( @ApiParam(value = "entry id", required = true) @QueryParam("id") String id, @@ -159,7 +160,7 @@ public class EntriesREST extends AbstractResourceREST { } @Path("/feed/mark") - @GET + @POST @ApiOperation(value = "Mark feed entries", notes = "Mark feed entries as read") public Response markFeedEntries( @ApiParam(value = "feed id", required = true) @QueryParam("id") String id, @@ -178,7 +179,7 @@ public class EntriesREST extends AbstractResourceREST { } @Path("/category/mark") - @GET + @POST @ApiOperation(value = "Mark category entries", notes = "Mark feed entries as read") public Response markCategoryEntries( @ApiParam(value = "category id, or 'all'", required = true) @QueryParam("id") String id, diff --git a/src/main/java/com/commafeed/frontend/rest/resources/SubscriptionsREST.java b/src/main/java/com/commafeed/frontend/rest/resources/SubscriptionsREST.java index e8ac59cc..61f9b8bd 100644 --- a/src/main/java/com/commafeed/frontend/rest/resources/SubscriptionsREST.java +++ b/src/main/java/com/commafeed/frontend/rest/resources/SubscriptionsREST.java @@ -85,7 +85,7 @@ public class SubscriptionsREST extends AbstractResourceREST { return url; } - @GET + @POST @Path("/feed/unsubscribe") @ApiOperation(value = "Unsubscribe to a feed", notes = "Unsubscribe to a feed") public Response unsubscribe( @@ -100,7 +100,7 @@ public class SubscriptionsREST extends AbstractResourceREST { } } - @GET + @POST @Path("/feed/rename") @ApiOperation(value = "Rename a subscription", notes = "Rename a feed subscription") public Response rename( @@ -115,7 +115,7 @@ public class SubscriptionsREST extends AbstractResourceREST { } @Path("/category/add") - @GET + @POST @ApiOperation(value = "Add a category", notes = "Add a new feed category") public Response addCategory( @ApiParam(value = "new name", required = true) @QueryParam("name") String name, @@ -134,7 +134,7 @@ public class SubscriptionsREST extends AbstractResourceREST { return Response.ok().build(); } - @GET + @POST @Path("/category/delete") @ApiOperation(value = "Delete a category", notes = "Delete an existing feed category") public Response deleteCategory( @@ -154,7 +154,7 @@ public class SubscriptionsREST extends AbstractResourceREST { } } - @GET + @POST @Path("/category/rename") @ApiOperation(value = "Rename a category", notes = "Rename an existing feed category") public Response renameCategory( @@ -168,7 +168,7 @@ public class SubscriptionsREST extends AbstractResourceREST { return Response.ok(Status.OK).build(); } - @GET + @POST @Path("/category/collapse") @ApiOperation(value = "Collapse a category", notes = "Save collapsed or expanded status for a category") public Response collapse( diff --git a/src/main/webapp/js/services.js b/src/main/webapp/js/services.js index 60dd5bcc..77984f0d 100644 --- a/src/main/webapp/js/services.js +++ b/src/main/webapp/js/services.js @@ -54,42 +54,42 @@ module.factory('SubscriptionService', function($resource, $http) { } }, unsubscribe : { - method : 'GET', + method : 'POST', params : { _type : 'feed', _method : 'unsubscribe' } }, rename : { - method : 'GET', + method : 'POST', params : { _type : 'feed', _method : 'rename' } }, collapse : { - method : 'GET', + method : 'POST', params : { _type : 'category', _method : 'collapse' } }, addCategory : { - method : 'GET', + method : 'POST', params : { _type : 'category', _method : 'add' } }, deleteCategory : { - method : 'GET', + method : 'POST', params : { _type : 'category', _method : 'delete' } }, renameCategory : { - method : 'GET', + method : 'POST', params : { _type : 'category', _method : 'rename' @@ -167,7 +167,7 @@ module.factory('EntryService', function($resource, $http) { } }, mark : { - method : 'GET', + method : 'POST', params : { _method : 'mark' } @@ -222,7 +222,7 @@ module.factory('AdminUsersService', function($resource) { } }, remove : { - method : 'GET', + method : 'POST', params : { _method : 'delete' }