-
-
Notifications
You must be signed in to change notification settings - Fork 50
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Enhancement ; Rules for detecting non recommended HTTP DELETE + Payload #582
Comments
I have written a custom plugin rule that checks that delete operations return 204 and contain no response body. I can contribute it as a PR on Monday |
bump @lobocv |
@lobocv as the rules will looks similar solution than for DELETE can you also push a rules for GET + payload as warning that would be great btw here is a conversation for the rules |
Thanks for the bump! Sorry, this fell off my radar. I will try and get a PR up today or tomorrow. I have a few other things on my plate right now I need to prepare for. |
Forgive me, It turns out that I did not write a custom Go plugin for this. I was able to do it in the DSL with two rules. Here are the rules:
|
🤔 interesting , by no content i was not looking for HTTP response code that is here subject to debate toward simplicity and 'preference' i was more thinking about the presence of the requestBody |
Ah I see. I misunderstood. Yes the HTTP DELETE and GET operations should not have a request payload. I was thinking of response payload. You can do this with the DSL easily:
|
@daveshanley this might be interesting to have it "by default" at part of core vacuum ; at least as a warning , if not as an error |
I am just finishing up a PR to add these functions. It was pretty easy. I'll post it soon. It handles get and delete methods |
implement a warning rules when a DELETE has a requestBody as even it it can be supported is not a recommended pattern
could be set to INFO or Warning
The text was updated successfully, but these errors were encountered: