Handle GET request query parameters. #429
Conversation
This commit adds plugin utilities that will allow users to craft Request and Responses, and MockServices so they will be able to test their Layers and Plugins in isolation.
apollo-router-core/src/request.rs
Outdated
| @@ -46,6 +46,34 @@ where | |||
| } | |||
|
|
|||
| impl Request { | |||
| pub fn from_urlencoded_query(url_encoded_query: String) -> Result<Request, serde_json::Error> { | |||
| // decode percent encoded string | |||
| // from the docs `Unencoded `+` is preserved literally, and _not_ changed to a space.`, | |||
There was a problem hiding this comment.
Which docs? Specify a reference here please.
There was a problem hiding this comment.
Also probably could do with a larger comment here with background on the problem.
There was a problem hiding this comment.
Do we currently have a way to forbid mutations from happening over GET? Mutations should not be allowed over GET. (And we should return HTTP 405 Method Not Allowed.)
Marking as requested changes, mostly just because it's important. (Haven't reviewed the rest!)
|
it somehow looks like i can't comment on the thread anymore, I've adressed the comment related issue in 1e4dc1a |
|
is forbidding mutations due to CSRF (cf https://blog.doyensec.com/2021/05/20/graphql-csrf.html )? |
This commit allows us to parse --data-urlencoded get parameters, to handle a graphql request.
…eived get parameter data
o0Ignition0o
force-pushed
the
igni/http_get_support
branch
from
1e4dc1a
to
84f5056
Compare
|
@abernix getting there! Just need to make sure the response body matches our expectations (or the gateways) |
That definitely comes into play though I don't think that this alone would be sufficient to tick that box since At the core of it for me is that |
… a graphql error now though.
We can use this changelog in the future! Ref: #429
This removes `Request::from_bytes()` from the public API. We were no longer using it and we don't expect anyone external to have been relying on it. This was discovered this function during an exercise of documenting our entire public API. We considered keeping it briefly, but it doesn't necessarily meet our requirements for shipping it in the public API. It's internal usage was removed in [`d147f97d`](d147f97d as part of [PR #429](#429). We can consider re-introducing this in the future (it even has a matching `Response::from_bytes()` which it composes against nicely!), but it seemed worth remove it for the time-being until the use-cases are here. (We can already see the use-cases, but we want to actually design them first.) Closes #1855
This removes `Request::from_bytes()` from the public API. We were no longer using it and we don't expect anyone external to have been relying on it. This was discovered this function during an exercise of documenting our entire public API. We considered keeping it briefly, but it doesn't necessarily meet our requirements for shipping it in the public API. It's internal usage was removed in [`d147f97d`](d147f97d) as part of [PR #429](#429). We can consider re-introducing this in the future (it even has a matching `Response::from_bytes()` which it composes against nicely!), but it seemed worth remove it for the time-being until the use-cases are here. (We can already see the use-cases, but we want to actually design them first.) Closes #1855
This commit allows us to parse --data-urlencoded get parameters, to handle a graphql request.