On Sun, Oct 14, 2012 at 12:34:11PM -0700, David Rolston wrote:
>
> The period does not make a difference. I think it must be wired to assume
> that the format will only come at the end, because there must be special
> code that deals with stripping the trailing period from the route.
>
> My gut tells me this is not something that should be driven by the url, and
> I should process the Accept header as you are, however, the router
> currently does some things that I'm relying upon right now. For example,
> it will set the Content type to match the default format when you throw
> exceptions.
That was something I hadn't thought about.
On the other hand, returning exceptions in a web service is pure evil. (And
very Java-ish). The right tre number code and a line of text and then maybe
also some content in the right format if you use a specific container.
So, catching the exception and then use the format when exiting/returning.
On the other hand, I do use Accept for formattig but I also use {} in the route
for REST/WEB access. The reason is that I need separate firewalls and I
am not bothered to use different controllers.
>From one of mye Controllers:
* @Route("/{access}/port", defaults={"access" = "web"},
requirements={"web|rest"})
This way I can use ordinary cookie based sessions for web and a stateless basic
authen with eventual IP-screening (to be replaced later if we feel like it,
security wise it's more than enough in this project) for the REST stuff.
This works quite nice and is simple enough.
Thomas.
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony developers" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/symfony-devs?hl=en
