Fix inconsistent error responses when using JSONP #2466
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…ors will be wrapped in a callback, instead of just some.
|
On a side note, we had to add a pre-response hook to fudge response codes for JSONP requests, since some browsers eat scripts that don't come back status 200. For example: server.ext('onPreResponse', function(request, reply) {
if (request.jsonp) {
if (request.response.isBoom) {
request.response.output.statusCode = 200;
} else {
// This might need to change if the response is totally custom like a string or something
request.response.statusCode = 200;
}
}
return reply.continue();
}); |
|
I agree that this is a problem, but this solution won't work because the jsonp parameter cannot be removed until auth is done. I'll solve it a bit differently. |
|
This thread has been automatically locked due to inactivity. Please open a new issue for related bugs or questions following the new issue template instructions. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Greetings,
It appears that when using JSONP, only half the time will a response be wrapped and sent, depending on where the routing cycle ends during the request.
Inconsistent Responses
For example, if any one of these things occur during the request, the response will not be wrapped in JSONP:
Only when these things occur, do they actually get wrapped in a JSONP response:
Motivation
In our situation, we have created a custom authentication scheme that will check and authenticate a query, header or cookie parameter (e.g. API key) and return the credentials for the route handler.
Since state and authentication occurs earlier in the routing cycle than JSONP does, those responses will not be wrapped up in a JSONP context, making it impossible for the client to understand what happened. Same thing goes if a route parameter was bogus. However, if they mess up a query parameter, they would actually get that error wrapped.
GET /some/stuff?callback=test(no key param, cookie, or Authorization header)Expected
Actual
TL.DR
This request moves JSONP handling to the top of the request cycle, as an attempt to make all responses consistent. Naturally, the only response that would not get wrapped is when the jsonp callback method name is invalid, then obviously it cannot be wrapped.
If the client is passing in a JSONP callback, they should expect that the response, no matter how it ends, should come back wrapped up. Error or not, here I come!