Implement RejectUnknownQueryParameters (Fix #660)#925
Implement RejectUnknownQueryParameters (Fix #660)#925wolveix wants to merge 3 commits intodanielgtaylor:mainfrom
Conversation
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #925 +/- ##
=======================================
Coverage 92.67% 92.68%
=======================================
Files 23 23
Lines 4562 4594 +32
=======================================
+ Hits 4228 4258 +30
- Misses 275 276 +1
- Partials 59 60 +1 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
|
Looking back on this, I think there's a lot of similar requests around #910. So I wonder if we should instead have a shared |
|
@wolveix is there a list of things that should be strict but aren't and can't easily be the new default? Query params are a good one. Operation IDs should be enforced to be unique. I'm trying to think of what else should be stricter. |
|
@danielgtaylor I thought there was another, though after a quick search I've not been able to find it. Since unique operation IDs will become the default (I'll rework my PR and merge it tomorrow), I guess it's just query params. It'd be ideal if we could make it configurable from the config struct rather than the API struct. I couldn't see a way to do it when I opened this PR, though I'm much more intimately familiar with Huma's codebase now so I'd happily give it another look! That is, unless you have a better idea ;) |
2 participants
Hello again!
This PR implements an opt-in config option to reject unknown query parameters (fixes #660).
I'm not confident that this is the best way to achieve this, and I'm not particularly a fan of adding an additional function to the
APIinterface definition; however, I couldn't find a better way to achieve this given that this check needs to happen in theRegisterfunction which doesn't have access toapi.config.