Move away from GET

We send some (not always sensitive but still) infor in the GET requests.
Better to do this with PUT (create session) and POST (fetch and close).
So that we don't leak anything we do not want to leak.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>

1 files changed, 6 insertions, 6 deletions

diff --git a/appinfo/routes.php b/appinfo/routes.php
index 167cd01dd..6935e0918 100644
--- a/appinfo/routes.php
+++ b/appinfo/routes.php
@@ -26,19 +26,19 @@ namespace OCA\Text\AppInfo;
 
 return [
 	'routes' => [
-		['name' => 'Session#create', 'url' => '/session/create', 'verb' => 'GET'],
-		['name' => 'Session#fetch', 'url' => '/session/fetch', 'verb' => 'GET'],
+		['name' => 'Session#create', 'url' => '/session/create', 'verb' => 'PUT'],
+		['name' => 'Session#fetch', 'url' => '/session/fetch', 'verb' => 'POST'],
 		['name' => 'Session#sync', 'url' => '/session/sync', 'verb' => 'POST'],
 		['name' => 'Session#push', 'url' => '/session/push', 'verb' => 'POST'],
-		['name' => 'Session#close', 'url' => '/session/close', 'verb' => 'GET'],
+		['name' => 'Session#close', 'url' => '/session/close', 'verb' => 'POST'],
 
-		['name' => 'PublicSession#create', 'url' => '/public/session/create', 'verb' => 'GET'],
+		['name' => 'PublicSession#create', 'url' => '/public/session/create', 'verb' => 'PUT'],
 		['name' => 'PublicSession#updateSession', 'url' => '/public/session', 'verb' => 'POST'],
-		['name' => 'PublicSession#fetch', 'url' => '/public/session/fetch', 'verb' => 'GET'],
+		['name' => 'PublicSession#fetch', 'url' => '/public/session/fetch', 'verb' => 'POST'],
 		['name' => 'PublicSession#sync', 'url' => '/public/session/sync', 'verb' => 'POST'],
 		['name' => 'PublicSession#push', 'url' => '/public/session/push', 'verb' => 'POST'],
 
-		['name' => 'PublicSession#close', 'url' => '/public/session/close', 'verb' => 'GET'],
+		['name' => 'PublicSession#close', 'url' => '/public/session/close', 'verb' => 'POST'],
 
 		['name' => 'Settings#updateConfig', 'url' => '/settings', 'verb' => 'POST'],
 	],