New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Clean up plan for http
module
#3655
Comments
This makes sense to me 👍 these seem to be very stable
Agreed, let's not stabilize this one.
This seems useful and I would err on stabilizing it.
I think we should align with IANA here
That's a though one; maybe we should deprecate and remove it once we provide feature parity in
Can we change the class to expose the body and fire off requested events?
We should move this method into |
Thanks for the feedbacks!
There's also similar feedback from Asher. Let's keep discussing this in an independent issue.
👍
Sounds reasonable to me.
I agree with this idea. |
I think we should re-open this issue. I agree with the following with pretty much the same opinions:
Which features are we waiting on for |
@kitsonk, we considered removing |
Secure cookie maps offers transparent cookie security to help ensure that client side cookies are not tampered with. It was a foundational API of oak based on similar concepts around cookie management in Koa. It was contributed to std. It's relative low usage is in part due to relative low adoption of more recent versions of oak where it was contributed to std and has been in std far shorter time period than cookie, less than a year. The insecure version was requested to be added to keep API parity. If there is such a keen desire to get rid of it, then it should have never been accepted in the first place. |
Ok. I understand the point of keeping the insecure version, Also, I'm not opposed to having a signed cookies implementation. My main thought is that it could probably done a little simpler using a functional approach and complimenting the current |
The way to sign it isn't standardized (or is it?). Application or framework can sign it in their own ways. I'm not confident providing it from deno_std is a good idea. There's also alternative and standardized way to sign data such as JWT. I'm also not sure these methods could compete with signed cookie at this point. BTW cookie_map is not deprecated or removed. They are just marked unstable to make it possible for us to explore it more extended time (Non-unstable modules will be released as v1.0 near future (probably 2024 Q1)). |
There are 12 public paths in
std/http
:cookie.ts
cookie_map.ts
etag.ts
file_server.ts
http_errors.ts
http_status.ts
method.ts
negotiation.ts
server.ts
server_sent_event.ts
user_agent.ts
util.ts
I'd suggest we should stabilize the following in first pass:
cookie.ts
etag.ts
file_server.ts
http_status.ts
(The path might be renamed Renamehttp_status.ts
andhttp_errors.ts
#3646)negotiation.ts
user_agent.ts
and I'd suggest we move the below to
unstable/
sub directory ofstd/http
cookie_map.ts
(Looks overly complex. Not sure signed cookie is best practice today. KeyRing abstraction might be confusing)http_errors.ts
(Not sure error status code as Error object is the general enough abstraction)method.ts
(Our mothod list deviates from IANA's method registry, instead aligned to http.METHODS of node.js. Not sure this is correct)server.ts
(Server
is confusing as now CLI hasDeno.Server
. Also the usage of this is niche now as CLI has Deno.serve).server_sent_event.ts
(The issue [http/server_sent_event] Missing ServerSentEventStreamTarget ReadableStream "open" event listener #3645 looks concerning)util.ts
(Not sure it's worth exposing this (createCommonResponse) as std API)The text was updated successfully, but these errors were encountered: