Feature/ETH-3929 omit body from GET and DELETE requests #21
Conversation
It's technically legal for GET and DELETE requests to include a request body, but some frameworks don't bother to support them and will reject the request. Rude. Query parameters are supported for all types of requests though, so we can convert the body to that format when necessary and provide no request body. Not too tricky.
00dani
requested review from
mattwithoos,
david-ethicaljobs,
dylanmctaggart-ethicaljobs and
huwethical
00dani
force-pushed
the
feature/ETH-3929-omit-get-body
branch
from
8e0a4a5
to
f483337
Compare
|
Note that this was written against the PHP7 compatible version of sdk-php, since that's the version api-app and friends need. I've confirmed it merges cleanly with current mainline as well, however. |
| $verb = strtoupper($verb); | ||
| $url = new Uri(Router::getRouteUrl($route)); | ||
|
|
||
| if (in_array($verb, ['POST', 'PUT', 'PATCH'])) { | ||
| $body = json_encode($body, JSON_THROW_ON_ERROR); | ||
| } else { | ||
| $url = $url->withQuery(http_build_query($body)); | ||
| $body = null; | ||
| } |
There was a problem hiding this comment.
already approved as this is a non blocking comment, only a suggestion to clean it up for readability:
maybe avoid using if else, e.g. swap to private methods with early returns or however you want to do it
There was a problem hiding this comment.
That's an idea! I do enjoy early returns. I'll experiment a little and see if I can make things a bit cleaner. 👍
There was a problem hiding this comment.
Ended up deciding it wouldn't be any simpler with a separate method, since it needs to change both the $body and potentially the $url and that would mean fussing around with multiple return values.
Doable, of course, but not exactly something PHP enjoys or handles very well.
While it's legal by the standard to include a request body on any kind of HTTP request, it's not normally done with methods like
GETandDELETE, and so not all HTTP frameworks properly supportGETrequests with bodies included. Rudely.Rather than trying to pass up a request body for these methods, we convert the body to query parameters and use those instead. Not too complicated.