New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
prevents POST requests when the JSON body couldn't be correctly formed #415
Conversation
NSParameterAssert(([HTTPMethod isEqualToString:@"GET"] || [HTTPMethod isEqualToString:@"POST"])); | ||
NSParameterAssert(!([HTTPMethod isEqualToString:@"GET"] && requestBody)); | ||
NSParameterAssert(!([HTTPMethod isEqualToString:@"POST"] && !requestBody)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this is a new check, but it looks like we don't have any places where we make POST requests without a body, and I can't think of a reason why you might want to.
Purchases/Networking/RCHTTPClient.m
Outdated
RCLog(@"Error creating request JSON: %@", requestBody); | ||
RCErrorLog(@"Error creating request JSON: %@", requestBody); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This seems like a clear case for an error log to me
@@ -179,16 +186,18 @@ - (NSMutableURLRequest *)createRequestWithMethod:(NSString *)HTTPMethod | |||
NSError *JSONParseError; | |||
NSData *body = [NSJSONSerialization dataWithJSONObject:requestBody options:0 error:&JSONParseError]; | |||
if (JSONParseError) { | |||
RCLog(@"Error creating request JSON: %@", requestBody); | |||
RCErrorLog(@"Error creating request JSON: %@", requestBody); | |||
return nil; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
new behavior: if we can't create a JSON request, don't create the request at all, just call completion with an error
Purchases/Networking/RCHTTPClient.m
Outdated
if (!urlRequest) { | ||
RCErrorLog(@"Could not create request to %@ with body %@", path, requestBody); | ||
completionHandler(-1, | ||
nil, | ||
[RCPurchasesErrorUtils networkErrorWithUnderlyingError:RCPurchasesErrorUtils.unknownError]); | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
there might be a nicer-looking way of doing this. But this is the essence of the PR
[self assertIsValidRequestWithMethod:httpMethod body:requestBody]; | ||
|
||
NSMutableDictionary *defaultHeaders = self.defaultHeaders.mutableCopy; | ||
[defaultHeaders addEntriesFromDictionary:headers]; | ||
|
||
NSMutableURLRequest *urlRequest = [self createRequestWithMethod:httpMethod | ||
path:path | ||
requestBody:requestBody | ||
headers:defaultHeaders]; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
moved some of these checks to happen earlier in the flow, since if they fail then the method doesn't actually do anything
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No more killed pandas
…'t be parsed into JSON
3f55c9d
to
e658c27
Compare
We're consistently getting a few POST requests on the backend which have empty body.
Thing is, we never create requests with
nil
bodies intentionally, so after looking at the code it seems like this might happen if thebody
dictionary couldn't be parsed into JSON.It doesn't make sense to still hit the backend if the body of the request couldn't be correctly formed, so this does an early exit before that happens.
Also, when you hit the backend unnecessarily, a panda dies. Don't kill pandas.