Opened 14 months ago
Last modified 12 months ago
#4425 new Defect
Web Services API handling design issues
| Reported by: | srokap | Owned by: | |
|---|---|---|---|
| Priority: | normal | Milestone: | Long Term Discussion |
| Component: | API | Version: | 1.8.3 |
| Severity: | major | Keywords: | |
| Cc: | brett@… | Difficulty: |
Description
Actually there are three thing's in current REST API implementation that are badly designed to say the least:
- Optional parameters handling.
Imagine i have function 'test' getting param1 and param2, both optional. And handler function handler($a, $b).
We expect that value passed as param2 will end up always in parameter $b. But it depends on it if we provide param1 or not! If we provide param1, the value of param2 is passed as $b, if we don't it'll end up in $a...
I can't imagine how such behaviour could be expected one...
- Function serialise_parameters breaks nested arrays, as it casts array items to string... Example:
¶m2=123¶m3[1]=qwe¶m3[2][3]=fdas
is read as
Array
(
[1] => qwe
[2] =>
)
Where it should be:
Array
(
[1] => qwe
[2] => Array
(
[3] => fdas
)
)
- We require to register only global functions as rest handlers, and use eval with parameters serialized to string (sic!). I really don't see why don't we serialize parameters preserving it's structure, and pass it to function using call_user_func_array? It would even allow callback in array(class, method) format.
Change History (4)
comment:1 Changed 14 months ago by srokap
comment:2 Changed 13 months ago by srokap
- Component changed from Core to API
comment:3 Changed 12 months ago by ewinslow
- Milestone changed from Needs Review to Long Term Discussion
comment:4 Changed 12 months ago by brettp
- Severity changed from critical to major
- Summary changed from REST API handling design issues to Web Services API handling design issues
The core API isn't REST. This isn't a critical severity.
Note: See
TracTickets for help on using
tickets.
In 3. it should be sanitise instead of serialize ;-) Late hour.