fix(Http): Only allow valid HTTP status code values via template#49882
fix(Http): Only allow valid HTTP status code values via template#49882provokateurin merged 2 commits intomasterfrom
Conversation
provokateurin
changed the title
provokateurin
force-pushed
the
fix/http/template-valid-status-codes
branch
from
b7691e8 to
98b1635
Compare
| "type": "string", | ||
| "enum": [ | ||
| "attachment; filename=\"nextcloud.log\"" | ||
| ] |
There was a problem hiding this comment.
Should that be part of API definition 🤔
There was a problem hiding this comment.
I ignored it before, but with these changes psalm is very unhappy somehow.
IMO the proper fix would be to ignore this header completely in openapi-extractor.
There was a problem hiding this comment.
Not sure, would at least be good for devices to know if a file name is given, etc?
There was a problem hiding this comment.
Yes, although on the other hand I don't know how much sense it makes to specify the value that will be returned. Just saying that a string is returned should be good enough, the clients need to parse that anyway.
| */ | ||
| namespace OCP\AppFramework\Http; | ||
|
|
||
| use OCP\AppFramework\Http; |
There was a problem hiding this comment.
didnt this explode on some version of PHP because you can not import a class with the same name as a namespace?
There was a problem hiding this comment.
I never heard of that problem before and CI is green, so I don't think it's a problem here?
Signed-off-by: provokateurin <kate@provokateurin.de>
Signed-off-by: provokateurin <kate@provokateurin.de>
provokateurin
force-pushed
the
fix/http/template-valid-status-codes
branch
from
98b1635 to
7db694f
Compare
|
/backport to stable30 |
|
/backport to stable29 |
|
/backport to stable28 |
3 participants
Summary
To prevent anyone from using invalid HTTP status codes.
Ideally it would be possible to re-use the
Sand so on template parameters when extending the parent templates, but psalm doesn't seem to support that.Checklist