feat: add request limits on accept, content-type, and content-length headers #502
Conversation
|
I tried to follow the style guidelines and way of working, please let me know if I did anything wrong. Happy to help! 👍 |
There was a problem hiding this comment.
Looks good from my end. I only have some questions that other maintainers (@dustinmoris) should weigh in on.
So far Giraffe doesn't have many error messages it returns that are hard coded. I could only find one place where we do it. I'm wary of having error messages like this hard coded for localization and even preference reasons. However I'm unsure of how to resolve this easily within this library.
Maybe we can have a different set of functions that takes in a custom error HTTP handler. There maybe needed two, as we check both on the presence of the header and whether the header has the correct value. let haveContentTypesCustom contentTypes errorHandler = // ... |
|
I'd prefer to make the first parameter of each of these handlers to accept an error handler. It's not just about changing the message, but the entire response should be flexible. For example an API could return this as a JSON object or plain text response but a website might want to render a HTML page with the error displayed. Here's an example of where this approach has already been taken: Of course in the final user application one would define that handler only once and then use the new handler for everything else, e.g.: |
|
Ok, that's fine by me! 👍 I'll change this to your needs. |
TheAngryByrd
force-pushed
the
feature/request-limits
branch
from
8d8c744
to
0dfc6a1
Compare
|
This feature looks pretty cool! |
Adds request guards/limitation on:
AcceptheaderContent-TypeheaderContent-LengthheaderWith user-friendly error http responses.
Closes #392