Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: don't implicitly parse URL encoded form data as JSON #2394

Merged
merged 1 commit into from Oct 2, 2023
Merged

fix: don't implicitly parse URL encoded form data as JSON #2394

merged 1 commit into from Oct 2, 2023

Conversation

provinzkraut
Copy link
Member

We currently parse URL encoded form data as JSON. This is arguably not the correct behaviour and can lead to serious bugs if something looks like JSON but isn't meant to be. It is also unexpected and there's no way for a user to control this.

This PR fixes the behaviour and adjusts the tests accordingly.

As an aside, it allows us to make fast-query-parsers optional as a speedup, which has now been moved to the standard and full extra.

@provinzkraut
fix: don't implicitly parse form data as JSON
570cfe8 
Signed-off-by: Janek Nouvertné <25355197+provinzkraut@users.noreply.github.com>
@provinzkraut provinzkraut requested review from a team as code owners October 2, 2023 14:34
cofin
cofin approved these changes Oct 2, 2023
View reviewed changes
Copy link
Member

@cofin cofin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM and another welcomed change

@provinzkraut provinzkraut enabled auto-merge (squash) October 2, 2023 14:38
@provinzkraut provinzkraut merged commit 3d950e9 into main Oct 2, 2023
15 checks passed
@provinzkraut provinzkraut deleted the optional-fast-query-parsers branch October 2, 2023 14:51
@sonarcloud
Copy link

sonarcloud bot commented Oct 2, 2023

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

100.0% 100.0% Coverage
0.0% 0.0% Duplication

@github-actions
Copy link

github-actions bot commented Oct 2, 2023

Documentation preview will be available shortly at https://litestar-org.github.io/litestar-docs-preview/2394

@provinzkraut provinzkraut mentioned this pull request Oct 3, 2023
Open
@MaxenceBouvier
Copy link

Hi,
I just wanted to make sure: does this change implies that the TODO list tutorial is somehow not up to date?
This tutorial indicates that the dict elements would be returned with a nice json exploration frontend interface, but what I have is plain text:
image

I am using:
Python version 3.12.2
Litestar version 2.6.1

Thanks.

@provinzkraut
Copy link
Member Author

provinzkraut commented Feb 21, 2024
edited

No, this has nothing to do with that. How the JSON presented in the browser is entirely up to your browser. The change only affects how incoming form data is parsed, not how data is rendered as JSON. As you can see, it is still JSON; Your browser just displays it differently than the one you're seeing a screenshot of in the tutorial.

The "nice json exploration frontend interface" is just how Firefox displays JSON.

@MaxenceBouvier
Copy link

@provinzkraut Thanks for your fast and detailed answer.
That actually helps a lot!
I would not have looked on the browser side for this json interface (non)issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cofin cofin cofin approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@provinzkraut @MaxenceBouvier @cofin