conflicting order of operations when applying Content-Encoding and Content-Type headers #2868
Labels
clarification
requests to clarify, but not change, part of the spec
media and encoding
Issues regarding media type support and how to encode data (outside of query/path params)
Milestone
The specification describes how to handle requests/responses with both a Content-Type and Content-Encoding header:
" JSON Schema offers a contentEncoding keyword, which may be used to specify the Content-Encoding for the schema. ... The encoding specified by the contentEncoding keyword is independent of an encoding specified by the Content-Type header in the request or response or metadata of a multipart body – when both are present, the encoding specified in the contentEncoding is applied first and then the encoding specified in the Content-Type header."
--- https://spec.openapis.org/oas/v3.1.0#considerations-for-file-uploads
(emphasis mine)
However, this ordering is backwards with how an openapi validator would operate: the contentEncoding keyword is hidden inside the schema, at a lower level than the media-type property.
The way around this would be for the validator to peek inside the schema to see if there is a contentEncoding keyword at the top level, and use it to decode the content first before then using the media-type decoder. That's pretty ugly IMO; schemas ought to be opaque. It would be better for this data to be brought up into the media-type object itself, or simply automatically decode the content according to the Content-Encoding header before applying the media-type in the Content-Type header (is it really a desired feature that the openapi document must specify the Content-Encoding that is used? what if multiple different encodings are supported, e.g. gzip compression and brotli compression - how would that be indicated?)
In practice, how is a desired content encoding indicated in a document in order to enable proper validation of the request/response body content? I didn't find any hints on the Swagger site.
The text was updated successfully, but these errors were encountered: