Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

Comments

Request::getBody(), see #57#58

Open
JanTvrdik wants to merge 1 commit intonette:master from
JanTvrdik:request_get_body
Open

Request::getBody(), see #57 #58
JanTvrdik wants to merge 1 commit intonette:master from
JanTvrdik:request_get_body

Conversation

@JanTvrdik
Copy link
Contributor

@JanTvrdik JanTvrdik commented Feb 27, 2015

No description provided.

fprochazka reacted with heart emoji
Copy link
Contributor

@fprochazka fprochazka Feb 27, 2015

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IMHO rawbody should return rawbody, not parsed body

Copy link
Contributor Author

@JanTvrdik JanTvrdik Feb 27, 2015

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

? This commit does not change getRawBody() result.

Copy link
Contributor

@fprochazka fprochazka Feb 27, 2015

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You're using the same callback, that also parses the JSON for application/json, aren't you?

Copy link
Contributor

@fprochazka fprochazka Feb 27, 2015

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh, you've added new parameter, sorry :)

Copy link
Contributor

Although it's a nice closure magic, I'm afraid it's gonna be slow, it's not even lazy... I mean, those unnecessary body calls could be easily avoided if type check was extracted outside (like addBodyCallback('application/json', $cb)).

Copy link
Contributor Author

@Majkl578 That's how I originally wanted to do it, but then I though that it is not powerful enough. What if you want to make decision based on something different than Content-Type (e.g. HTTP method)? What if you want to handle all something/* types? That being said I like the simple solution addBodyCallback('application/json', $cb) more than the current one.

Copy link
Contributor Author

JanTvrdik commented Apr 23, 2015
edited
Loading

(削除) Sidenote: it must somehow workaround the JSON decode DOS vulnerability. (削除ここまで)

@dg dg force-pushed the master branch 7 times, most recently from 1dc599c to f35d20f Compare November 5, 2015 00:41
@JanTvrdik JanTvrdik force-pushed the request_get_body branch 2 times, most recently from f73e5f9 to 48409af Compare June 5, 2016 07:15
@JanTvrdik JanTvrdik changed the title (削除) WIP: Request::getBody(), see #57 (削除ここまで) (追記) Request::getBody(), see #57 (追記ここまで) Jun 5, 2016
Copy link
Contributor Author

I think that this is now ready to merge.

* @throws InvalidRequestBodyException
*/
public function getBody()
{
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

indentation

Copy link
Contributor

enumag commented Jun 5, 2016
edited
Loading

@JanTvrdik What about the JSON decode DOS vulnerability? I didn't see anything that would solve it in your code (but I might have missed it of course).

Copy link
Contributor Author

JanTvrdik commented Jun 5, 2016
edited
Loading

@enumag I ignore it the same way everybody in the PHP worlds ignores it. Those few that are concern may replace the body parser for JSON with sth smarter.

Copy link
Contributor Author

BTW: PSR7 calls this method getParsedBody() instead of just getBody(). It is longer but a bit more descriptive.

if ($body === NULL) {
$contentType = $request->getHeader('Content-Type');
foreach ($this->bodyParsers as $parserContentType => $parser) {
if (stripos($contentType, $parserContentType) === 0) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

strcasecmp is better

Copy link
Contributor Author

@JanTvrdik JanTvrdik Jun 6, 2016

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You mean strncasecmp?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes. Its PHP shame that there is no startsWith function.

@dg dg force-pushed the master branch 5 times, most recently from 55488bd to 2042d2e Compare December 11, 2023 13:01
@dg dg force-pushed the master branch 2 times, most recently from 4960652 to 5e67add Compare May 2, 2024 10:56
@dg dg force-pushed the master branch 5 times, most recently from 689f4ae to 33aae19 Compare November 5, 2024 06:45
@dg dg force-pushed the master branch 4 times, most recently from 09923de to 02ae846 Compare January 16, 2025 04:45
@dg dg force-pushed the master branch 7 times, most recently from dc02250 to 80e8e2b Compare December 30, 2025 00:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

AltStyle によって変換されたページ (->オリジナル) /