# HG changeset patch
# User Benoît Allard <benoit.allard@greenbone.net>
# Date 1413275772 -7200
# Node ID 8a9fdf02bf5bdc1a72714cdd3edd4049cebed7b5
# Parent  65341d05a8f8737e3899fa586dbf2cba8872589e
Don't allow a GET request to modify the server state

diff -r 65341d05a8f8 -r 8a9fdf02bf5b farol/cache.py
--- a/farol/cache.py	Tue Oct 14 10:25:43 2014 +0200
+++ b/farol/cache.py	Tue Oct 14 10:36:12 2014 +0200
@@ -102,15 +102,8 @@
     del_current()
     return redirect(url_for('new'))
 
-@mod.route('/load/<element>', methods=['GET', 'POST'])
+@mod.route('/load/<element>', methods=['POST'])
 def load(element):
-    if request.method != 'POST':
-        if has_current():
-            # Suggest to save first
-            return render_template('cache/load.j2', element=element)
-
-        # Ouch, GET request changing state of the server ...
-
     dirname = _caching_dir()
     element = secure_filename(element)
     if dirname is None:
diff -r 65341d05a8f8 -r 8a9fdf02bf5b farol/templates/cache/load.j2
--- a/farol/templates/cache/load.j2	Tue Oct 14 10:25:43 2014 +0200
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,36 +0,0 @@
-{#
-# Description:
-# Web Template used in Farol Design
-#
-# Authors:
-# Benoît Allard <benoit.allard@greenbone.net>
-#
-# Copyright:
-# Copyright (C) 2014 Greenbone Networks GmbH
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public License
-# as published by the Free Software Foundation; either version 2
-# of the License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
--#}
-
-{% extends "base.j2" %}
-{% from "macros.j2" import textinput %}
-{% block title %}Edit the title{% endblock %}
-
-{% block content %}
-<p>You asked to load {{ element }}, but you still have an unsaved document loaded. Do you want to <a href="{{ url_for('.save') }}">save</a> it first ?</p>
-<form role="form" method="POST">
-<button class="btn btn-primary" type="submit">Load "{{ element }}"</button>
-<a class="btn btn-danger" href="{{ url_for('welcome') }}">Cancel</a>
-</form>
-{% endblock %}