Comments (6)
Hey, I did explore this problem today and would like to add some comments.
First, I noticed that this problem is happening with Giraffe.EndpointRouting
. I did test with Giraffe router, and it simply ignores the request, going to the response status 404:
Request reached the end of the middleware pipeline without being handled by application code.
Request path: GET http://localhost:5000/try-a-guid/00000000-0000-0000-0000-0000000000123,
Response status code: 404
I was using this code (Giraffe router):
open System
open Microsoft.AspNetCore.Builder
open Microsoft.AspNetCore.Hosting
open Microsoft.Extensions.Hosting
open Microsoft.Extensions.Logging
open Microsoft.Extensions.DependencyInjection
open Giraffe
let webApp =
GET >=> routef "/try-a-guid/%O" (fun (guid: Guid) -> text $"Success: {guid}" )
type Startup() =
member __.ConfigureServices (services : IServiceCollection) =
// Register default Giraffe dependencies
services.AddGiraffe() |> ignore
member __.Configure (app : IApplicationBuilder)
(env : IHostEnvironment)
(loggerFactory : ILoggerFactory) =
// Add Giraffe to the ASP.NET Core pipeline
app.UseGiraffe webApp
[<EntryPoint>]
let main _ =
Host.CreateDefaultBuilder()
.ConfigureWebHostDefaults(
fun webHostBuilder ->
webHostBuilder
.UseStartup<Startup>()
|> ignore)
.Build()
.Run()
0
And I confirm that this problem is still happening in the most recent version of Giraffe.
At first, I thought it was not a good idea to add some hidden feature that maps incorrect regex parsing to a generic error response. It could be a pain to debug (imagine having an API with 1_000_000s of requests, and out of nowhere some start returning an unexpected status code + response which you don't find in your codebase). If you're using this %O
pattern, it's your responsibility to grant that the input will be GUID-compliant. Otherwise, if you want to avoid this problem, I would recommend using %s
and then, inside the endpoint handler, you try to convert to GUID.
Then, after digging deeper into the problem, I think it's better to handle it properly, at least trying to replicate what we have with Giraffe's router. It must demand simply a tweak in the GUID regex pattern.
I'll take a look at it this week, and probably add some new tests.
from giraffe.
Giraffe version 6.4.1-alpha-3
has the fix. I tested locally, and it's not matching the wrong Guid. Please let me know if there's something else regarding this issue @jcmrva.
from giraffe.
Looks good to me. Thanks!
from giraffe.
What's the behavior you're after? Why do you consider the above a bug?
from giraffe.
We'd rather it return 4xx, and IMO in general, user input should not result in unhandled exceptions.
from giraffe.
Feel free to add your review to this PR #594
from giraffe.
Related Issues (20)
- Migrate to System.Text.Json HOT 1
- Participate on hacktoberfest 2023? HOT 1
- Never decalre reader with `use` on `ctx.Request.Body` HOT 4
- Upgrade to .NET 8 HOT 6
- LinkGenerator doesn't work with routef HOT 1
- Giraffe 6.2 is breaks against Microsoft.IO.RecyclableMemoryStream 3.0.0 HOT 11
- Returning streams, either with WriteStreamAsync or WriteFileStreamAsync or their handler equivalents, is extremely slow HOT 4
- Question: How to approach outside in testing of a micro service? HOT 2
- Follow-up from "Minor code optimisation #567"
- Update SECURITY.md
- Start using fantomas to validate code submissions with CI HOT 6
- [README] Suggestion for "Getting Started"'s "Doing it manually" HOT 2
- [question] Would it be possible to make `Giraffe.EndpointRouting` case-sensitive? HOT 3
- Remove NuGet API key from the repository HOT 3
- 6.4.0 release references PR for updating to .NET 7 instead of .NET 8 HOT 1
- EndpointRouting - Create endpoint for multiple http verbs
- Request/discussion: WriteStreamAsync buffer size autotuning and/or increase default buffer size HOT 1
- Update `.vscode` debug configuration to point to existent projects
- Returning 406 when mustAccept fails HOT 8
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from giraffe.