xfra35
commented
6 years ago Thanks
Closed Glandos closed 6 years ago
xfra35
commented
6 years ago Thanks
xfra35
commented
6 years ago Both POST._method and the X-HTTP-Method-Override header allow to override the request method. This can come in handy when requesting a REST API from a simple HTML form (i.e non-ajax).
My use case is with simpleid/simpleid project. When trying to log in with OpenID 2 on http://osm.org the 3rd party send a long POST with a
_method=postin it. I totally don't know if it comes from OpenID standard or not. Nonetheless, this make the authentication failed, because of this parsing.Is there any rationale behind considering this parameter as the real method?