Enable validation/transformation of JSON:API responses

[dbanck]

APIs that follow the JSON:API specification use application/vnd.api+json instead of application/json as the value of the Content-Type header on responses.

zodios returns these responses without validation or transformation; this PR updates that behaviour to transform them as well.

It's safe to validate/transform these responses as they are still plain JSON, see 7 Document Structure.

[ecyrbe]

Thank you.

[dbanck]

Thanks for the quick review & merge 🌟

[ecyrbe]

Build in progress and new package in v10.9.2

[matis-dk]

@ecyrbe I'm running into a similar issue, were the origin webserver is returning 'content-type': 'text/html; in some circumstances. This skip the runtime validation, but still cast the response type. Essentially lying about the type (because the html payload is a string instead of the specified schema type). Is there anyway, I can enforce / opt into safe parsing the payload? This would at least catch non-conforming responses.

[ecyrbe]

@matis-dk be careful, actually the server may not be lying.
If the content has quotes like this :

"some json string"

It's actually lying, but if it does not contain quotes, it's actually really a text content and zodios and JSON.parse is right to not validate.
If you actually have control on the server, do a JSON.stringify to make it valid json.
Else, don't try to validate the string.

[rogerweb]

zodios and JSON.parse is right to not validate.

I'm trying to understand why that is the case. According to the official documentation of the Zodios client:

All your parameters and responses are fully typed. And by default they are also validated at runtime to prevent unrecoverable errors.

I expected the client to throw an error in any scenario where it didn't receive a valid object.

Else, don't try to validate the string.

Could you clarify how I can achieve this? Should I skip Zodios, perform the fetch myself and use Zod directly to validate the response?