Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Validation for cookies and other headers #1588

Closed
danielb2 opened this issue Apr 23, 2014 · 5 comments
Closed

Validation for cookies and other headers #1588

danielb2 opened this issue Apr 23, 2014 · 5 comments
Assignees
Labels
Milestone

Comments

@danielb2
Copy link
Contributor

@danielb2 danielb2 commented Apr 23, 2014

When relying on specific headers and/or cookies to be set for specific calls, it would be useful to have validation for those as well.

@hueniverse
Copy link
Contributor

@hueniverse hueniverse commented Apr 23, 2014

Headers validation is tricky because HTTP headers are a mess. But if we just ignore that and present them as string you can do whatever you want with, it's pretty easy to setup.

@joshua-mcginnis
Copy link
Contributor

@joshua-mcginnis joshua-mcginnis commented Apr 23, 2014

@danielb2 One option would be to write a plugin that does this validation at one of the extension points, such as onRequest.

Here's a simplified version of a plugin I use to enforce a specific content-type for all my PATCH routes. You could easily modify it to look at other headers and return the appropriate error based on your rules.

exports.register = function(plugin, options, next) {

  plugin.ext('onRequest', function (request, reply) {

    var method = request.method;
    var contentType = request.headers['content-type'];

    if(method === 'patch' && contentType !== 'application/json-patch+json') {
      return reply(Hapi.error.unsupportedMediaType());
    }

    reply();
  });

  next();
};

@hueniverse
Copy link
Contributor

@hueniverse hueniverse commented Apr 24, 2014

Validation is changing a bit in v5 and this would fit right in.

@joshua-mcginnis
Copy link
Contributor

@joshua-mcginnis joshua-mcginnis commented Apr 24, 2014

Look forward to hearing more.

@lock
Copy link

@lock lock bot commented Jan 9, 2020

This thread has been automatically locked due to inactivity. Please open a new issue for related bugs or questions following the new issue template instructions.

@lock lock bot locked as resolved and limited conversation to collaborators Jan 9, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
5 participants