Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

configurable path processing strategy #40

Open
mcweba opened this issue Jun 23, 2017 · 0 comments
Open

configurable path processing strategy #40

mcweba opened this issue Jun 23, 2017 · 0 comments
Assignees

Comments

@mcweba
Copy link
Collaborator

mcweba commented Jun 23, 2017

Problem

The current implementation of the vertx-rest-storage performs a path cleanup for every request before handling it. The cleanup is made with the following method:

private String cleanPath(String value) {
	value = value.replaceAll("\\.\\.", "").replaceAll("\\/\\/", "/");
	while (value.endsWith("/")) {
		value = value.substring(0, value.length() - 1);
	}
	if (value.isEmpty()) {
		return "/";
	}
	return value;
}

This cleanup contains the removal of double slashes. According to RFC3986 Section 3.3 double slashes in URIs are valid and therefore should be respected.

Since the current implementation removes double slashes before handling the request, problems can occur because the client does not expect this behaviour.

Example:
The following request defines a login entry of a user which belongs to a department:

PUT /logins/zips/560060/users/IT_Department/userA

The next request comes from a user having a department with an empty name:

PUT /logins/zips/560060/users//userB

Since vertx-rest-storage removes the double slashes, the request will be changed to:

PUT /logins/zips/560060/users/userB

which writes the userB where the department should have been written.

Solution

The path processing behaviour should be configurable via module configuration. The property called pathProcessingStrategy takes the values unmodified and cleaned. This behaviour will be applied to all requests.

However, to provide more flexibility and to not break clients already using this "wrong" behaviour I would suggest to add an additional http header

x-path-processing-strategy: [unmodified | cleaned]

which overrides the behaviour per request. Without this header, the behaviour configured in the pathProcessingStrategy property will be used.

@mcweba mcweba self-assigned this Jun 23, 2017
@mcweba mcweba changed the title Handling of double slashes configurable path processing strategy Jun 28, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

1 participant