Rack::JSONP checks the callback parameters on non-JSON response types #43

merged 2 commits into from Dec 10, 2012


None yet
2 participants

benmanns commented Sep 25, 2011

Currently, if Rack::JSONP is being used, a request to /widgets.html?callback=* will return a 400 "Bad Request" error. This is because the check for a valid callback is run before the response's content-type is checked. This patch moves the callback test after the JSON content-type test. If accepted, a request to /widgets.html?callback=* will return the content of the response, but a request to /widgets.json?callback=* (provided that /widgets.json returns application/json) will return 400 "Bad Request".

benmanns added some commits Sep 25, 2011

@benmanns benmanns Add test cases for invalid callback with JSON and non-JSON content-ty…
@benmanns benmanns Only check for invalid callbacks after finding response to be JSON.
Previously, a request to /widgets.html?callback=* would send a 400 "Bad Request" response to the client. This change only sends 400 "Bad Request" if the response type is JSON.

rkh merged commit 551ae79 into rack:master Dec 10, 2012

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment