Fix inconsistent error responses when using JSONP #2466
Closed
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Greetings,
It appears that when using JSONP, only half the time will a response be wrapped and sent, depending on where the routing cycle ends during the request.
Inconsistent Responses
For example, if any one of these things occur during the request, the response will not be wrapped in JSONP:
Only when these things occur, do they actually get wrapped in a JSONP response:
Motivation
In our situation, we have created a custom authentication scheme that will check and authenticate a query, header or cookie parameter (e.g. API key) and return the credentials for the route handler.
Since state and authentication occurs earlier in the routing cycle than JSONP does, those responses will not be wrapped up in a JSONP context, making it impossible for the client to understand what happened. Same thing goes if a route parameter was bogus. However, if they mess up a query parameter, they would actually get that error wrapped.
GET /some/stuff?callback=test
(no key param, cookie, or Authorization header)Expected
Actual
TL.DR
This request moves JSONP handling to the top of the request cycle, as an attempt to make all responses consistent. Naturally, the only response that would not get wrapped is when the jsonp callback method name is invalid, then obviously it cannot be wrapped.
If the client is passing in a JSONP callback, they should expect that the response, no matter how it ends, should come back wrapped up. Error or not, here I come!