Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Gpenverne fix/allow empty content on post and put requests #805

Closed
wants to merge 8 commits into from
Closed

Gpenverne fix/allow empty content on post and put requests #805

wants to merge 8 commits into from

Conversation

dunglas
Copy link
Member

@dunglas dunglas commented Oct 17, 2016

Q A
Bug fix? no
New feature? yes
BC breaks? no
Deprecations? no
Tests pass? yes
Fixed tickets #781, #782
License MIT
Doc PR n/a

Follows #782. All credit go to @gpenverne.

soyuka
soyuka approved these changes Oct 17, 2016
View reviewed changes
Copy link
Member

@soyuka soyuka left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

teohhanhui
teohhanhui reviewed Oct 18, 2016
View reviewed changes
features/crud.feature
@@ -358,6 +358,9 @@ Feature: Create-Retrieve-Update-Delete
"alias": null
}
"""
Scenario: PUT request on custom operations without content
Copy link
Contributor

@teohhanhui teohhanhui Oct 18, 2016
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This scenario is incorrect. This is not a custom operation, and I don't suppose it should return 200 when the semantics is undefined (for the default PUT operation). Shouldn't it be 400 instead?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Indeed it is incorrect. But why a 400 if we allow empty requests for PUT, it should be allowed for all PUT operations isn't it?

@teohhanhui
Copy link
Contributor

What does PUT with an empty body mean? The semantics are undefined. The
purpose of this PR is to skip deserialization of empty body for custom
operations, but it should return 400 for the default POST / PUT operations.

On Tue, 18 Oct 2016, 13:52 Kévin Dunglas, notifications@github.com wrote:

@dunglas commented on this pull request.

In features/crud.feature #805:

@@ -358,6 +358,9 @@ Feature: Create-Retrieve-Update-Delete
"alias": null
}
"""

  • Scenario: PUT request on custom operations without content

Indeed it is incorrect. But why a 400 if we allow empty requests for PUT,
it should be allowed for all PUT operations isn't it?


You are receiving this because you commented.

Reply to this email directly, view it on GitHub
#805, or mute the thread
https://github.com/notifications/unsubscribe-auth/AAhf67ArDO9s_HVLNJySGDfi-NWC_sqHks5q1F6ngaJpZM4KYlj_
.

@dunglas
Copy link
Member Author

dunglas commented Oct 18, 2016

Ok got what you mean. Not sure that we should add this in core. Maybe just a doc to explain how to do that would be enough? It's weird to have a different behavior for built-in and user-land operations.

@teohhanhui
Copy link
Contributor

teohhanhui commented Oct 20, 2016
edited
Loading

It's weird to have a different behavior for built-in and user-land operations.

Ideally it should return 400 for both built-in and custom POST / PUT operations when an empty body is encountered, unless the user handles it in the custom operation. But yeah, I'm not sure how that can be implemented. So probably we should merge this as is.

@kbsali
Copy link

kbsali commented Oct 21, 2016

@teohhanhui why should it return a 400? Sending empty content is not an error!

@teohhanhui
Copy link
Contributor

teohhanhui commented Oct 21, 2016
edited
Loading

@kbsali:

why should it return a 400? Sending empty content is not an error!

It really depends on the content type. For example, an empty string is NOT valid JSON.

@Simperfit Simperfit mentioned this pull request Oct 29, 2016
Closed
@kbsali kbsali mentioned this pull request Dec 12, 2016
Closed
@dunglas dunglas mentioned this pull request Jan 12, 2017
Merged
@teohhanhui teohhanhui mentioned this pull request Jul 24, 2017
Merged
@soyuka soyuka mentioned this pull request Jul 24, 2017
Closed
@soyuka soyuka added the waiting label Nov 6, 2017
@jdeniau
Copy link
Contributor

jdeniau commented Dec 19, 2017

Hi @soyuka or @dunglas ,

What is the status of this PR ? empty content has been allowed on PUT request via #1274 .

@teohhanhui : You are right that empty string is an invalid JSON but POST method do send empty string as body if you don't specify one.

For me this should be iso between all "unsafe" methods (except DELETE), if you send an error you should send errors on PUT, POST, PATCH, etc., but if you don't send an error, you should not send error at all.

@soyuka
Copy link
Member

soyuka commented Dec 19, 2017

@jdeniau I think it'll be resolved once every point I stated in #1282 are. Maybe we should close this in favor of #1282.

@dunglas dunglas closed this Jan 15, 2018
@gorghoa gorghoa mentioned this pull request Mar 21, 2018
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@teohhanhui teohhanhui teohhanhui approved these changes

@soyuka soyuka soyuka approved these changes

@Simperfit Simperfit Simperfit approved these changes

Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
7 participants
@dunglas @teohhanhui @kbsali @jdeniau @soyuka @Simperfit @gpenverne