Details
-
Bug
-
Resolution: Fixed
-
High
-
None
-
None
Description
Our REST API v2 uses some exotic http verbs like PUBLISH, MOVE, COPY, SWAP, and the more common but still quite exotic PATCH.
These things don't work on older, stricter configured, or less mature http servers, proxies or enterprise http scanning firewalls.
This was already identified when REST API v2 was specified, so it was allowed to alternatively use POST and set these verbs using X-HTTP-Method-Override.
To avoid issues with http security equipment at customer infrastructure (very common in banks, quite common in any "enterprise" setting), and to be able to support PHP's built in web server again for super simple eZ Platform setup; JS REST client should use POST and X-HTTP-Method-Override everywhere this is possible, to be on the safe side.