From 92c11e8c617e94b1f9ee13ccf4e8dc377f52ad72 Mon Sep 17 00:00:00 2001
From: Jon goldberg <jon@palantetech.coop>
Date: Tue, 28 Apr 2015 13:53:43 -0600
Subject: [PATCH] CRM-16403 - CiviCRM API - Allow GET requests to make a
 'check' API call

---
 CRM/Utils/REST.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/CRM/Utils/REST.php b/CRM/Utils/REST.php
index 6bac6be8fd..ef1f5bf319 100644
--- a/CRM/Utils/REST.php
+++ b/CRM/Utils/REST.php
@@ -384,7 +384,9 @@ class CRM_Utils_REST {
       return $result;
     }
 
-    if ($_SERVER['REQUEST_METHOD'] == 'GET' && strtolower(substr($args[2], 0, 3)) != 'get') {
+    if ($_SERVER['REQUEST_METHOD'] == 'GET' &&
+       strtolower(substr($args[2], 0, 3)) != 'get' &&
+       strtolower($args[2] != 'check')) {
       // get only valid for non destructive methods
       require_once 'api/v3/utils.php';
       return civicrm_api3_create_error("SECURITY: All requests that modify the database must be http POST, not GET.",
-- 
2.25.1