Update to Drupal 8.2.0. For more information, see https://www.drupal.org/project/drupal/releases/8.2.0

core/lib/Drupal/Core/EventSubscriber/AuthenticationSubscriber.php

@@ -30,14 +30,14 @@ class AuthenticationSubscriber implements EventSubscriberInterface {
   /**
    * Authentication provider filter.
    *
-   * @var \Drupal\Core\Authentication\AuthenticationProviderFilterInterface|NULL
+   * @var \Drupal\Core\Authentication\AuthenticationProviderFilterInterface|null
    */
   protected $filter;
 
   /**
    * Authentication challenge provider.
    *
-   * @var \Drupal\Core\Authentication\AuthenticationProviderChallengeInterface|NULL
+   * @var \Drupal\Core\Authentication\AuthenticationProviderChallengeInterface|null
    */
   protected $challengeProvider;
 

core/lib/Drupal/Core/EventSubscriber/DefaultExceptionHtmlSubscriber.php

@@ -133,6 +133,14 @@ class DefaultExceptionHtmlSubscriber extends HttpExceptionSubscriberBase {
       // would execute a subrequest with the 404 route's URL, then it'd be
       // generated for *that* URL, not the *original* URL.
       $sub_request = clone $request;
+
+      // The routing to the 404 page should be done as GET request because it is
+      // restricted to GET and POST requests only. Otherwise a DELETE request
+      // would for example trigger a method not allowed exception.
+      $request_context = clone ($this->accessUnawareRouter->getContext());
+      $request_context->setMethod('GET');
+      $this->accessUnawareRouter->setContext($request_context);
+
       $sub_request->attributes->add($this->accessUnawareRouter->match($url));
 
       // Add to query (GET) or request (POST) parameters:

core/lib/Drupal/Core/EventSubscriber/EntityRouteAlterSubscriber.php

@@ -30,7 +30,7 @@ class EntityRouteAlterSubscriber implements EventSubscriberInterface {
   /**
    * Constructs an EntityRouteAlterSubscriber instance.
    *
-   * @param \Drupal\Core\Entity\EntityResolverManager
+   * @param \Drupal\Core\Entity\EntityResolverManager $entity_resolver_manager
    *   The entity resolver manager.
    */
   public function __construct(EntityResolverManager $entity_resolver_manager) {

core/lib/Drupal/Core/EventSubscriber/ExceptionJsonSubscriber.php

@@ -27,6 +27,17 @@ class ExceptionJsonSubscriber extends HttpExceptionSubscriberBase {
     return -75;
   }
 
+  /**
+   * Handles a 400 error for JSON.
+   *
+   * @param \Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent $event
+   *   The event to process.
+   */
+  public function on400(GetResponseForExceptionEvent $event) {
+    $response = new JsonResponse(array('message' => $event->getException()->getMessage()), Response::HTTP_BAD_REQUEST);
+    $event->setResponse($response);
+  }
+
   /**
    * Handles a 403 error for JSON.
    *
@@ -71,4 +82,15 @@ class ExceptionJsonSubscriber extends HttpExceptionSubscriberBase {
     $event->setResponse($response);
   }
 
+  /**
+   * Handles a 415 error for JSON.
+   *
+   * @param \Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent $event
+   *   The event to process.
+   */
+  public function on415(GetResponseForExceptionEvent $event) {
+    $response = new JsonResponse(['message' => $event->getException()->getMessage()], Response::HTTP_UNSUPPORTED_MEDIA_TYPE);
+    $event->setResponse($response);
+  }
+
 }