Request::getBody(), see #57 by JanTvrdik · Pull Request #58 · nette/http

JanTvrdik · 2015-02-27T13:02:06Z

No description provided.

fprochazka · 2015-02-27T13:09:55Z

src/Http/Request.php

IMHO rawbody should return rawbody, not parsed body

? This commit does not change getRawBody() result.

You're using the same callback, that also parses the JSON for application/json, aren't you?

Oh, you've added new parameter, sorry :)

Majkl578 · 2015-02-27T13:43:59Z

Although it's a nice closure magic, I'm afraid it's gonna be slow, it's not even lazy... I mean, those unnecessary body calls could be easily avoided if type check was extracted outside (like addBodyCallback('application/json', $cb)).

JanTvrdik · 2015-02-27T14:07:51Z

@Majkl578 That's how I originally wanted to do it, but then I though that it is not powerful enough. What if you want to make decision based on something different than Content-Type (e.g. HTTP method)? What if you want to handle all something/* types? That being said I like the simple solution addBodyCallback('application/json', $cb) more than the current one.

JanTvrdik · 2015-04-23T16:18:58Z

~~Sidenote: it must somehow workaround the JSON decode DOS vulnerability.~~

JanTvrdik · 2016-06-05T07:15:49Z

I think that this is now ready to merge.

enumag · 2016-06-05T07:20:25Z

src/Http/Request.php

+	 * @throws InvalidRequestBodyException
+	 */
+	public function getBody()
+		{


indentation

enumag · 2016-06-05T07:27:50Z

@JanTvrdik What about the JSON decode DOS vulnerability? I didn't see anything that would solve it in your code (but I might have missed it of course).

JanTvrdik · 2016-06-05T11:31:14Z

@enumag I ignore it the same way everybody in the PHP worlds ignores it. Those few that are concern may replace the body parser for JSON with sth smarter.

JanTvrdik · 2016-06-05T12:39:14Z

BTW: PSR7 calls this method getParsedBody() instead of just getBody(). It is longer but a bit more descriptive.

dg · 2016-06-06T17:16:57Z

src/Http/RequestFactory.php

+			if ($body === NULL) {
+				$contentType = $request->getHeader('Content-Type');
+				foreach ($this->bodyParsers as $parserContentType => $parser) {
+					if (stripos($contentType, $parserContentType) === 0) {


strcasecmp is better

You mean strncasecmp?

Yes. Its PHP shame that there is no startsWith function.

fprochazka reviewed Feb 27, 2015
View reviewed changes

dg force-pushed the master branch from 78a872a to 360dadc Compare June 19, 2015 12:10

dg force-pushed the master branch 7 times, most recently from 1dc599c to f35d20f Compare November 5, 2015 00:41

dg force-pushed the master branch from 805ff25 to dadd667 Compare February 8, 2016 13:29

dg force-pushed the master branch from 51568f8 to 2381182 Compare April 11, 2016 01:45

dg force-pushed the master branch from 19c6fa9 to 28af524 Compare April 21, 2016 11:29

dg force-pushed the master branch from 6286f91 to d523f35 Compare May 9, 2016 12:49

JanTvrdik force-pushed the request_get_body branch 2 times, most recently from f73e5f9 to 48409af Compare June 5, 2016 07:15

JanTvrdik changed the title ~~WIP: Request::getBody(), see #57~~ Request::getBody(), see #57 Jun 5, 2016

JanTvrdik force-pushed the request_get_body branch from 48409af to 48a3e5f Compare June 5, 2016 07:17

enumag reviewed Jun 5, 2016
View reviewed changes

src/Http/Request.php Outdated

* @throws InvalidRequestBodyException

*/

public function getBody()

{

Copy link

Contributor

enumag Jun 5, 2016

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

indentation

JanTvrdik force-pushed the request_get_body branch from 48a3e5f to 6363c41 Compare June 5, 2016 07:27

Request: add getBody (interface BC break)

1627f10

JanTvrdik force-pushed the request_get_body branch from 6363c41 to 1627f10 Compare June 5, 2016 12:30

dg reviewed Jun 6, 2016
View reviewed changes

dg force-pushed the master branch 6 times, most recently from a00de7a to 4210d9e Compare January 30, 2017 01:57

dg force-pushed the master branch from 8b74ce7 to 86c9227 Compare February 2, 2017 00:54

dg force-pushed the master branch 2 times, most recently from 7f12fde to 9791354 Compare February 10, 2017 12:57

dg force-pushed the master branch 2 times, most recently from 51f373c to 69af026 Compare June 13, 2017 09:59

dg force-pushed the master branch 3 times, most recently from 87fefb5 to 9590f91 Compare July 21, 2017 19:42

dg force-pushed the master branch 4 times, most recently from 56c2641 to 544d9e6 Compare March 14, 2018 18:37

dg force-pushed the master branch from 5b3f80a to a79348e Compare May 10, 2018 20:38

dg force-pushed the master branch 11 times, most recently from 0ac6562 to 4493f9b Compare August 30, 2018 23:01

Uh oh!

Conversation

JanTvrdik commented Feb 27, 2015

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Majkl578 commented Feb 27, 2015

Uh oh!

JanTvrdik commented Feb 27, 2015

Uh oh!

JanTvrdik commented Apr 23, 2015 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

JanTvrdik commented Jun 5, 2016

Uh oh!

Choose a reason for hiding this comment

Uh oh!

enumag commented Jun 5, 2016 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

JanTvrdik commented Jun 5, 2016 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

JanTvrdik commented Jun 5, 2016

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

5 participants

JanTvrdik commented Apr 23, 2015 •

edited

Loading

enumag commented Jun 5, 2016 •

edited

Loading

JanTvrdik commented Jun 5, 2016 •

edited

Loading