Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(response): new setting strict status codes #5856

Open
wants to merge 1 commit into
base: 5.0
Choose a base branch
from

Conversation

aagamezl
Copy link

According to issue, a new configuration variable is added and the status code behavior is adjusted.

test/res.status.js Outdated Show resolved Hide resolved
@ctcpip
Copy link
Member

ctcpip commented Aug 23, 2024

I think we need to add a test that is outside the strict range -- I could not find any existing

Copy link
Member

@wesleytodd wesleytodd left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I was under the impression we intended to turn this on by default. @jonchurch Wasn't that your intent previously?

@aagamezl aagamezl force-pushed the aa/feat/strict-status-code branch from 61c44d7 to f5a28b0 Compare August 23, 2024 21:07
@aagamezl
Copy link
Author

@ctcpip I added the missing test

@aagamezl
Copy link
Author

@wesleytodd maybe I misunderstood, could you confirm the default value of the setting?

Default: true or
Default: false

@wesleytodd
Copy link
Member

I could be wrong, but I thought we had discussed with @jonchurch doing the strict checks by default in v5. I am not strongly opinionated either way, but if we dont turn it on by default now then we cannot until v6.

@aagamezl aagamezl force-pushed the aa/feat/strict-status-code branch from f5a28b0 to 18331b2 Compare August 24, 2024 19:36
@aagamezl
Copy link
Author

@wesleytodd I've updated the code according to the conversation, now "strict status codes" is true by default.

@jonchurch
Copy link
Member

jonchurch commented Aug 28, 2024

@wesleytodd, this isn't strictly required for v5

We had discussed adding this setting, and Blake suggested we err on the side of unopinionated and not set this by default. Which Ulises and myself agreed to.

It's a nice to have, but unless we open the discussion to have this throw behavior as the default, the setting itself (default off) can come in as a minor.

@wesleytodd
Copy link
Member

Ok, so how about this. To keep things moving, lets go back to not setting it by default and then we can land it either now if we get approvals, or we can release it as a minor soon after the main release.

@jonchurch
Copy link
Member

jonchurch commented Aug 28, 2024

I updated the tracking todos to move this to the "future minor"

@@ -99,6 +99,7 @@ app.defaultConfiguration = function defaultConfiguration() {
this.set('query parser', 'simple')
this.set('subdomain offset', 2);
this.set('trust proxy', false);
this.set('strict status codes', true);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

please update this back to false as default

thank you, by the way ❤️

Copy link
Member

@jonchurch jonchurch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

based on chats, we are requesting this is off by default ❤️

@wesleytodd
Copy link
Member

Ok, so how about this. To keep things moving, lets go back to not setting it by default and then we can land it either now if we get approvals, or we can release it as a minor soon after the main release.

@aagamezl aagamezl force-pushed the aa/feat/strict-status-code branch from 18331b2 to 82d0a9c Compare August 29, 2024 19:29
History.md Outdated
* `res.status()` accepts only integers, and input must be greater than 99 and less than 1000
* will throw a `RangeError: Invalid status code: ${code}. Status code must be greater than 99 and less than 1000.` for inputs outside this range
* will throw a `TypeError: Invalid status code: ${code}. Status code must be an integer.` for non integer inputs
* By default `res.status()` accepts only integers, and input must be greater than 99 and less than 900
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this needs updating

@blakeembrey
Copy link
Member

blakeembrey commented Aug 29, 2024

@jonchurch That's my bad, I don't think I was clear, when I wrote:

I'd love to take a strong stance either way

I meant I'd prefer no configuration. Revisiting this a few months later I actually think this is still correct, and it should be loose by default, and anything else can be middleware. My hot take here is that we should actually be deprecating and removing configuration instead of adding more.

Edit: I'm not going to block on configuration being added though, that's just my 2c on the overall subject.

@wesleytodd
Copy link
Member

I meant I'd prefer no configuration.....My hot take here is that we should actually be deprecating and removing configuration instead of adding more.

I probably agree, that said this PR is in line with historical design of the project. I am sorry for any churn I created by asking the setting to be on by default. I think we should work toward aligning on some of these "technical vision" ideas after we release v5 and work toward applying those ideals in v6 (where landing this as a minor could be a step toward that, or closed if we decide the goal is to remove configuration options).

@ctcpip
Copy link
Member

ctcpip commented Aug 30, 2024

To be clear, what folks agreed to proceed with was the validation of the range of what node accepts -- there was discussion about limiting the range further, about whether the framework should be more or less opinionated, and so on, but the idea of a strict mode limiting the range further was the last comment and did not receive further discussion AFAIU. So -- I don't think we should land this in 5.0. We could still land it as a minor if we can get consensus to land it, but I don't want to block 5.0 on this.

test: test for status in range with strictt status

refactor: default strict status codes to true

feat(status): set strict status codes to false

docs: fix History message
@aagamezl aagamezl force-pushed the aa/feat/strict-status-code branch from 82d0a9c to 0dae369 Compare August 31, 2024 12:12
@@ -129,6 +129,20 @@ describe('res', function () {
.expect(500, /Invalid status code/, done);
});

it('should raise error for status code above 599', function (done) {
Copy link
Contributor

@bhavya3024 bhavya3024 Nov 30, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you also add the test case for status code less than 100, if in future this PR is accepted

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

7 participants