Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Default content-type being set with 'json: true' breaks code #1783

Closed
addisonj opened this issue Sep 24, 2015 · 7 comments
Closed

Default content-type being set with 'json: true' breaks code #1783

addisonj opened this issue Sep 24, 2015 · 7 comments

Comments

@addisonj
Copy link

With 2.63.0 and #1772, request re-introduces subtle breaking behavior. It is considered bad HTTP to send content-types with requests without a body. For example, I just had breaking behavior where I use HMAC authentication to sign API requests and then send that signature with request. Since the content-type is included in the signature and now I get a content-type that wasn't expected, I get signatures that don't match and everything goes kaboom... I can code around it, but I don't think I should have too.

I also am pretty sure this is actually a regression. I don't have time to do the bug search right now, but years ago, I remember this broke against things like express (in like the 2.x days) where a content-type that was sent without a body would result in an error. While it was also an express bug, it was determined that setting a content-type without a body was bad form. If you need that behavior, it should be opt in, not the default where these headers matter. While the docs seem to imply it, it seems much more like a doc bug than anything.

Either way, changes to the default behavior or headers is a big enough change that it needs to done with a bit more caution, perhaps even a major version bump. I would vote for reverting that change, as I think it will probably break for a lot more people.
@adamnreed
Copy link

I also dealt with this issue today. 2.63.0 is marked as compatible with 2.44.0. In my case, not true, this broke for me.

@paul-english
Copy link

If this is the preferred behavior, we might want a test to ensure there is no content-type when a request has no body.

@simov
Copy link
Member

simov commented Sep 24, 2015

I can't find anywhere in the spec explicitly stated that requests without body, are not allowed to have a content-type set. On the other hand I can agree that it doesn't make sense to have a content-type without having a body.

The problem here comes from the json option itself. Either @jzaefferer should set its content-type header, or @addisonj should set the accept header and parse the response instead of using the json option.

Since this happens to be a breaking change, I'm more on the reverting it side + fixing the docs and adding a test. @jzaefferer thoughts?

@jzaefferer
Copy link
Contributor

I'm okay with a revert; I'll just revert my project's upgrade commit as well. As long as the docs are more clear about this than before.

@xytis
Copy link

xytis commented Sep 24, 2015

+1 to the list of people who had their code broken :)

@simov simov mentioned this issue Sep 24, 2015
Merged
@simov
Copy link
Member

simov commented Sep 24, 2015

Fixed here #1785 I wasn't able to fix the docs though.

In fact they are totally correct as they are, except that the json:true case is completely missing. If you can figure out a good and short way to explain the behavior contained in the json function let me know in the other issue.

@simov
Copy link
Member

simov commented Sep 25, 2015

2.64 is published 🎉

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@paul-english @jzaefferer @xytis @adamnreed @addisonj @simov