The action AppBundle\Controller\CorpusAdminController::pinTextAction modifies an existing resource even though it can only be called with GET HTTP verb. Such an action should only accept PUT, POST, DELETE, or PATCH methods to avoid accidental data modification.
$pt = new PinnedText();
$pt->setCorpusId($corpus);
$pt->setTextId($text);
$pt->setUserId($user);
$em = $this->getDoctrine()->getManager();
$em->persist($pt);
$em->flush();
return new JsonResponse("Success");
}
in src/AppBundle/Controller/CorpusAdminController.php, line 290
Posted from SensioLabsInsight