Bug #52614 for CGI: request for DELETE support

Wed Dec 09 12:02:56 2009 MARKSTOS [...] cpan.org - Ticket created

Subject:

request for DELETE support

Hi, my name is James Robson. I was recently trying to coerce a .cgi Show quoted text

> script to behave in a RESTful way, and was successful with > GET|POST|PUT. However, on DELETE I got no parameters. I did some > snooping and figured out that DELETE isn't really handled by CGI.pm. > > I think DELETE would generally be called the same was as GET so I made > the following modification to CGI.pm on my machine, and DELETE works > fine. Any reason why CGI.pm couldn't/shouldn't do this? Thanks, James > > > --- /usr/local/share/perl/5.10.0/CGI.pm.bak 2009-11-05 > 15:26:07.000000000 -0700 > +++ /usr/local/share/perl/5.10.0/CGI.pm 2009-11-05 15:23:05.000000000

-0700 Show quoted text

> @@ -649,7 +649,7 @@ sub init { > > # If method is GET or HEAD, fetch the query from > # the environment. > - if ($is_xforms || $meth=~/^(GET|HEAD)$/) { > + if ($is_xforms || $meth=~/^(GET|HEAD|DELETE)$/) { > if ($MOD_PERL) { > $query_string = $self->r->args; > } else {

Wed Dec 09 12:03:59 2009 MARKSTOS [...] cpan.org - Correspondence added

To proceed with this, could you post a reference to the RFC that details how the DELETE verb should be handled? Mark

Wed Dec 09 12:04:00 2009 The RT System itself - Status changed from 'new' to 'open'

Wed Dec 09 17:29:09 2009 gilad [...] arbingersys.com - Correspondence added

Per http://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html#sec9.7 The DELETE method requests that the origin server delete the resource identified by the Request-URI. This method MAY be overridden by human intervention (or other means) on the origin server ... the server SHOULD NOT indicate success unless, at the time the response is given, it intends to delete the resource or move it to an inaccessible location. Compare to GET - http://www.w3.org/Protocols/rfc2616/rfc2616- sec9.html#sec9.3 The GET method means retrieve whatever information (in the form of an entity) is identified by the Request-URI. If the Request-URI refers to a data-producing process, it is the produced data which shall be returned as the entity in the response and not the source text of the process, unless that text happens to be the output of the process. Both constitute a 'Request' as detailed at http://www.w3.org/Protocols/rfc2616/rfc2616-sec5.html#sec5 Request = Request-Line ; Section 5.1 *(( general-header ; Section 4.5 | request-header ; Section 5.3 | entity-header ) CRLF) ; Section 7.1 CRLF [ message-body ] ; Section 4.3 From what I see, parameters will be handled the same (as part of entity- header = Content-Type, entity-body = params), so treating DELETE as GET looks reasonable from here. James

Thu Dec 10 10:12:51 2009 MARKSTOS [...] cpan.org - Correspondence added

James, From reading the HTTP and CGI specs, I agree that DELETE support is a reasonable and spec-compliant change. We'll also need to update the docs as part of that and possible some other bits of code. Mark

Mon Jan 04 16:27:28 2010 gilad [...] arbingersys.com - Correspondence added

Here's a patch to get things started. I perused the code and didn't see any other code changes to make from my earlier diff, but of course I may have missed something.

On Thu Dec 10 10:12:51 2009, MARKSTOS wrote:
Show quoted text

> James,
>
> From reading the HTTP and CGI specs, I agree that DELETE support is a
> reasonable and spec-compliant change.
>
> We'll also need to update the docs as part of that and possible some
> other bits of code.
>
> Mark

Subject:

patch.diff

--- /usr/local/share/perl/5.10.0/CGI.pm 2009-09-25 08:04:22.000000000 -0700 +++ CGI.pm 2010-01-04 13:18:10.759333892 -0800 @@ -649,7 +649,7 @@ sub init { # If method is GET or HEAD, fetch the query from # the environment. - if ($is_xforms || $meth=~/^(GET|HEAD)$/) { + if ($is_xforms || $meth=~/^(GET|HEAD|DELETE)$/) { if ($MOD_PERL) { $query_string = $self->r->args; } else { @@ -4688,6 +4688,17 @@ Likewise if PUTed data can be retrieved only affects people trying to use CGI for XML processing and other specialized tasks.) +=head2 THE HTTP DELETE VERB + +A DELETE verb is handled just like GET or HEAD. That is, you are given +access to the query parameters. For example, if you have a request like + + http://somelocation/script.cgi?=/a/resource/to/delete + +you may access the deletion path via + + $q->param_fetch->[0]; + =head2 DIRECT ACCESS TO THE PARAMETER LIST:

Tue Jan 12 22:07:53 2010 MARKSTOS [...] cpan.org - Correspondence added

Yanick, Besides that it would be nice to have an automated test, do you see any reason to not accept it? I lean towards accepting it since it makes CGI.pm more RFC-compliant. Mark

Thu May 22 08:06:23 2014 LEEJO [...] cpan.org - Correspondence added

This issue has been copied to: https://github.com/leejo/CGI.pm/issues/64 please take all future correspondence there. This ticket will remain open but please do not reply here. This ticket will be closed when the github issue is dealt with.

Fri May 23 14:28:05 2014 The RT System itself - Queue changed from CGI.pm to CGI

Fri Jul 25 10:02:24 2014 LEEJO [...] cpan.org - Correspondence added

Closing, this appears to have been resolved already: commit 799bd4e8970af171866be9a25758342534f46ecc Author: Eduardo Ariño de la Rubia <earino@gmail.com> Date: Thu Apr 7 11:51:52 2011 -0500 Added support for QUERY_STRING parsing for DELETE methods, added a test and patched the associated pod lib/CGI.pm | 6 +++--- t/delete.t | 57 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 60 insertions(+), 3 deletions(-)

Fri Jul 25 10:02:25 2014 LEEJO [...] cpan.org - Status changed from 'open' to 'resolved'

Bug #52614 for CGI: request for DELETE support

Preferred bug tracker