To me it just kind of depends on what level of atomicity you need in your API endpoint. If you can accept the binary data without any other parameters then that's great, just do that. If you need it alongside other input then multipart is great. Some people also marshal that stuff in x-foo headers but I think there's very few cases where that's compelling. BASE64'd binary data into JSON is the least desirable but it really depends on the situation - I'm definitely guilty of using it in certain scenarios (if you just really really really want a JSON body cuz that's what's easiest on the client-side).
It's worth noting that Deform has its own mechanism for storing the file upload on the server such that you can connect it up to the form data from a separate request. This is handy to avoid re-transferring the data when parts of the form fail to validate. The CGI FieldStorage object is basically a wrapper around the content, providing a file-like interface for messing with it as webob may have done you a solid and stored the data to disk instead of blowing out your memory. You can always just read the content in from there. You'll also want to pull the content-type from that object. After that validation is up to you. Finally, if the request got all the way to your WSGI app then it's almost guaranteed that it was already fully parsed/received from the client by your WSGI server or any middleware/API calls so it's (probably) too late at that point to really validate and reject based on the size. You'd want to do that upstream prior to the body being read if it's really large data you're worried about receiving. - Michael > On Feb 7, 2021, at 09:06, Thierry Florac <tflo...@gmail.com> wrote: > > Hi, > > I'm starting to use Cornice, Colander and Swagger and I'm trying to create a > REST service which should allow users to upload file(s)... > > Until now I'm using "multipart/form-data" encoding and it seems OK, but : > - is it actually a good practice to handle file uploads in a REST API using > this encoding? Should I prefer something like JSON with base64 string > encoding (including for use cases with large data files)?? > - how should I handle schema verification with Colander for file upload > fields (what I actually receive using form-data encoding is a CGI > FieldStorage object) ? > > Best regards for any advise, > Thierry > -- > https://www.ulthar.net <https://www.ulthar.net/> -- > http://pyams.readthedocs.io <http://pyams.readthedocs.io/> > > -- > You received this message because you are subscribed to the Google Groups > "pylons-discuss" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to pylons-discuss+unsubscr...@googlegroups.com > <mailto:pylons-discuss+unsubscr...@googlegroups.com>. > To view this discussion on the web visit > https://groups.google.com/d/msgid/pylons-discuss/CAPX_VWBv8Ufg-ezeHPqeRXjwuF2f-8iSE8VRy7k3_n9iRp-LqA%40mail.gmail.com > > <https://groups.google.com/d/msgid/pylons-discuss/CAPX_VWBv8Ufg-ezeHPqeRXjwuF2f-8iSE8VRy7k3_n9iRp-LqA%40mail.gmail.com?utm_medium=email&utm_source=footer>. -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To unsubscribe from this group and stop receiving emails from it, send an email to pylons-discuss+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/pylons-discuss/314E86A9-A36F-439F-AD01-3F581ED87B92%40gmail.com.
