If an RPC call is made that happens to have an e-mail address or similar in the last path position (eg. www.example.com/rpc/resource/peter@example.com), the REST server module getResponseFormatter() function mistakenly tries to interpret it as a request for the .com format. In cases where a corresponding format cannot be found, the call should proceed further instead of giving an error message.

Actually, to bring it a bit further, specifying the format at the end like this is a very questionable solution, especially with a possible format like .php attached to the end of the URL. This is not something a correctly set up web server should let through. So, the best solution would be to make this suffix format specification optional, something to be enabled specifically.

CommentFileSizeAuthor
#9 interdiff-2808923-7-9.txt2.48 KBcolan
#9 services-rest_server_blocks_dot_paths-2808923-9.patch7.67 KBcolan
#7 services-rest_server_blocks_dot_paths-2808923-7.patch5 KBcolan
Support from Acquia helps fund testing for Drupal Acquia logo

Comments

djg_tram created an issue. See original summary.

djg_tram’s picture

djg_tram CreditAttribution: djg_tram as a volunteer commented
Issue summary: View changes
djg_tram’s picture

djg_tram CreditAttribution: djg_tram as a volunteer commented
Title: REST server, » REST server fails on path ending in .xx
tyler.frankenstein’s picture

tyler.frankenstein CreditAttribution: tyler.frankenstein commented

I'd recommend URL encoding the e-mail address.

kylebrowning’s picture

kylebrowning CreditAttribution: kylebrowning as a volunteer and at Acquia commented
Category: Bug report » Feature request
colan’s picture

colan
he/him
Primary language English
Location Toronto 🇨🇦
CreditAttribution: colan at Colan Schwartz Consulting for Aegir Cooperative commented

I'd argue that this is a actually a bug report, not a feature request, but I'll leave as-is given the maintainer's decision.

In any case, I tried the URL-encoded version of ".", "%2E", but that didn't work either.

@kylebrowning @tyler.frankenstein: Any tips on where this should be done in the code, or any other advice? I'll see if I can throw a patch together as this is hampering my progress in #2796625: Allow remote variable setting via Aegir Services.

colan’s picture

colan
he/him
Primary language English
Location Toronto 🇨🇦
CreditAttribution: colan at Colan Schwartz Consulting for Aegir Cooperative commented
Status: Active » Needs review
FileSize
services-rest_server_blocks_dot_paths-2808923-7.patch5 KB

This should do it.

kylebrowning’s picture

kylebrowning CreditAttribution: kylebrowning as a volunteer and at Acquia commented
Status: Needs review » Needs work

Needs tests. And then we can review.

colan’s picture

colan
he/him
Primary language English
Location Toronto 🇨🇦
CreditAttribution: colan at Colan Schwartz Consulting for Aegir Cooperative commented
Status: Needs work » Needs review
FileSize
services-rest_server_blocks_dot_paths-2808923-9.patch7.67 KB
interdiff-2808923-7-9.txt2.48 KB

Test added; see interdiff.

I also had to modify an existing test that checks for a missing formatter with a resource instance that has an invalid extension. We actually support "invalid" extensions now as these aren't necessarily data formats. The test now checks for the default formatter (JSON) if an unsupported extension was provided.