just changed.

• Removed binary as default format, made format option mandatory, list available formats if given format is not available (reduced need for documentation).
• Also allow .<format> (along to /<format>) as format choosing option.

I'm not sure how useful .format is. .extension would be more natural. Of course, you could add dat as equivalent for binary, and .txt as equivalent for hex...

As said on IRC my preference would be to use ?format=hex and restore json as the default.
But this is probably bikeshedding and maybe too late.

No, it's not too late. Now would be the time for wider criticism of the API, and the fixing of any API bugs.

utACK

Code looks good to me, and I've done some basic testing and it works as expected.

I am still in doubt whether we should expose the .json format at all, though.

• Unlike the binary formats it is entirely Bitcoin Core RPC specific. If this is supposed to be a standard for REST access of blocks/transactions, every nook needs to be documented in a BIP.
• It is not complete: for example, JSON format for block shows a list of transactions, but not the full data of the block. Of course with -txindex it's possible to fetch tx-by-tx after that, but that's quite the detour.
• Parsing the data and formatting JSON takes a lot of memory, and increased overhead in time (not a concern at this point, but may be for an API designed to be potentially public). These are all things that could be done client-side.

So maybe a format arg (?format=hex) and binary as default?
On Nov 24, 2014 12:17 PM, "Wladimir J. van der Laan" <
[email protected]> wrote:

Code looks good to me, and I've done some basic testing and it works as
expected.

I am still in doubt whether we should expose the .json format at all,
though.

• Unlike the binary formats it is entirely Bitcoin Core RPC specific.
  If this is supposed to be a standard for REST access of
  blocks/transactions, every nook needs to be documented in a BIP.
• It is not complete: for example, JSON format for block shows a list
  of transactions, but not the full data of the block. Of course with
  -txindex it's possible to fetch tx-by-tx after that, but that's quite
  the detour.
• Parsing the data and formatting JSON takes a lot of memory, and
  increased overhead in time (not a concern at this point, but may be for an
  API designed to be potentially public).

—
Reply to this email directly or view it on GitHub
#5326 (comment).

The JSON mirrors the RPC format output, when possible.

However, the non-native argument is somewhat persuasive. If you wanted to follow the "convert client side" logic to its conclusion, then removing JSON and hex would result. That certainly keeps in the in-bitcoind code at a minimum.

However, two counterpoints:

• The primary argument used on IRC seemed to be a worry about localhost XSS, and all this objection to JSON seems like a parallel construction to achieve that.
• Adding REST equivalent of "getutxos" is one of the proposed next steps for the interface, and JSON would seem to be one of the two logical output formats for that (the other being the binary result that @mikehearn's "getutxos" P2P patch added)

The fix + flag should be separate from the output format pull request. We can go ahead and merge the fix and -rest flag, IMO.

Okay. I will separate the pulls.

The primary argument used on IRC seemed to be a worry about localhost XSS, and all this objection to JSON seems like a parallel construction to achieve that.

No, that was IMO addressed by putting the functionality behind an option. Even without JSON, XSS fingerprinting may be possible by checking for absence/presence of errors. BTW I recently learnt that Tor Browser Bundle explicltly works around this kind of local fingerprinting, that's nice:

pref("network.proxy.no_proxies_on", ""); // For fingerprinting and local service vulns (#10419)

Adding REST equivalent of "getutxos" is one of the proposed next steps for the interface, and JSON would seem to be one of the two logical output formats for that (the other being the binary result that @mikehearn's "getutxos" P2P patch added)

I don't have anything against returning well-defined JSON data. If there are multiple things to return they need to be packed into a structure, and getutxo is an excellent example of that.

However that is entirely different from bitcoind's lossy RPC format for blocks, which is here used because the code happens to be available.

So maybe a format arg (?format=hex) and binary as default?

Let's not have a default. People can specify the format that they want.

Just updated.
Format specific changes are removed from this pull (i'll open a new pull for this).
Now we only deal with HTTP Response fix, -rest flag (default off), warmup response.

Also see #5376 for further format-specific discussions.
Also referencing #5379 (unit-tests).