Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Respond to invalid api routes with JSON #11166 #11167

Merged
merged 4 commits into from
Aug 13, 2024
Merged

Respond to invalid api routes with JSON #11166 #11167

merged 4 commits into from
Aug 13, 2024

Conversation

jacobtylerwalls
Copy link
Member

Types of changes

  • Bugfix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)

Description of Change

A client might issue a malformed URL, e.g. api/controlledlists/1, which is malformed because 1 is not a UUID. It would be better for the server to respond with a JSON payload that could be parsed without additional effort. See screenshots on issue.

Issues Solved

Closes #11166

Checklist

  • I targeted one of these branches:
    • dev/7.6.x (under development): features, bugfixes not covered below
    • dev/7.5.x (main support): regressions, crashing bugs, security issues, major bugs in new features
    • dev/6.2.x (extended support): major security issues, data loss issues
  • I added a changelog in arches/releases
  • I submitted a PR to arches-docs (if appropriate)
  • Unit tests pass locally with my changes
  • I added tests that prove my fix is effective or that my feature works
  • My test fails on the target branch

Ticket Background

  • Sponsored by: Getty Conservation Institute
  • Found by: @jacobtylerwalls
  • Tested by: @
  • Designed by: @

@jacobtylerwalls jacobtylerwalls linked an issue Jul 11, 2024 that may be closed by this pull request
Nonexistent api routes respond with HTML instead of JSON #11166
Closed
@apeters
Copy link
Member

apeters commented Aug 7, 2024

@jacobtylerwalls I'm not sure how to test this. I can see that we now have an endpoint at "api", but how would this be used in practice?

@jacobtylerwalls
Copy link
Member Author

Sure thing. This came up in the controlled list manager work, where due to a bug the frontend was issuing malformed AJAX requests like:

A client might issue a malformed URL, e.g. api/controlledlists/1, which is malformed because 1 is not a UUID.

So you can visit any invalid api route like api/garbage and ensure you get JSON back instead of the Django debug page. JSON is obviously much easier to parse into an error message, see screenshots on #11166 of this working in a vue app.

@apeters
Copy link
Member

apeters commented Aug 8, 2024

So you can visit any invalid api route like api/garbage and ensure you get JSON back instead of the Django debug page. JSON is obviously much easier to parse into an error message, see screenshots on #11166 of this working in a vue app.

I tried this but got a 400 htm error page instead of JSON
Screenshot 2024-08-07 at 7 06 38 PM

@jacobtylerwalls
Copy link
Member Author

I can't reproduce. Is there any additional information in the response?

@jacobtylerwalls
Copy link
Member Author

I can only get a response like that if I have DEBUG=False and a bad value in ALLOWED_HOSTS.

But you don't need to test with DEBUG=False. Testing with DEBUG=True is easy because you can verify that you do not get the url debug view, but rather the route matches and returns JSON.

apeters
apeters approved these changes Aug 13, 2024
View reviewed changes
Copy link
Member

@apeters apeters left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks good! Thanks for the explanation @jacobtylerwalls !

@apeters apeters merged commit 8e6b468 into dev/7.6.x Aug 13, 2024
7 checks passed
@jacobtylerwalls jacobtylerwalls deleted the jtw/api-fallback branch August 13, 2024 21:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@apeters apeters apeters approved these changes

Assignees

@apeters apeters

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Nonexistent api routes respond with HTML instead of JSON
2 participants
@jacobtylerwalls @apeters