Do not execute scripts for unsuccessful http responses #4250 #4379
Conversation
timmywil
changed the title
|
I'd approve without the |
|
Don't we want converters to be applied for unsuccessful non-script responses? |
|
Good point. This should be limited to scripts. |
|
Should converters be run on error responses? For text and html, probably yes. For scripts, no. What about json, jsonp, and xml? |
|
I know of APIs that return non-200 status with JSON. The only case we want to prevent here is script. |
|
I did some attempts in mgol@0cf3869 some time ago but I struggled with how to actually detect scripts. This is because a script may have |
|
@dmethvin Good point. Should we consider APIs which intentionally return non-200 status scripts? Is it correct to replace anything other than the default converter? My current patch would also replace any custom "text script" converter. |
|
@skrobinson Returning data on non-200 responses definitely makes sense. Consider a JSON API that sends a 400 with JSON data describing an error in body; that's quite common. Scripts are special in that its response is not really just "converted" but executed as a script, that's why we want to avoid it in this specific example. I think that answers your question:
with: no, that's not correct. We need to stop applying converters for scripts only. |
Yes, I'm convinced about data. But, should we be careful not to disrupt a non-default "text script" converter? If the dev-user has defined a "text script" converter with ajaxSetup, should we still replace that converter with a noop? |
|
@skrobinson A good question. I think I'm fine with ignoring user-provided script converters for failed HTTP status codes. |
mgol
left a comment
mgol
left a comment
There was a problem hiding this comment.
I'd like to see a test for a request without dataType but with a response with a JS Content-Type, plus maybe one for jsonp? You can incorporate a test from my attempt at mgol@0cf3869.
I also left one comment.
Other than that, this seems to work, nice job!
|
We've just started a post-semester remodeling at work and I'll be
unavailable for up to two weeks. I will return to this PR, but likely
not until end of May.
|
|
@skrobinson No problem, we're not in a hurry. Let us know when you're ready to continue, I'll be happy to keep reviewing new changes (just ping me directly when you update the PR, please :)). |
|
I think this means that |
@gibson042 I was thinking about that but it now also supports the options object that's used to pass But, I guess, we could move the logic back to the converter now since it won't be executed for bad requests. Is that what you had in mind? |
mgol
left a comment
mgol
left a comment
There was a problem hiding this comment.
One more comment (but see the previous ones as well).
Yeah, it should no longer need the |
|
@mgol I have pushed updates to my PR branch. You made a good call asking for more tests. I found my first P.S. I'll look at |
mgol
left a comment
mgol
left a comment
There was a problem hiding this comment.
Sorry for the delay. I like the way you generated many test cases, it's easy to see what's going on. I left a few comments.
This comment has been minimized.
This comment has been minimized.
skrobinson
force-pushed
the
wip-gh-4250-v2
branch
from
cb9e30e to
c312bf3
Compare
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
|
@mgol This PR is ready for another review. RE: the many test cases. I copied the pattern used for the "jQuery.ajax() - cache" tests, once I understood how those tests worked. |
mgol
left a comment
mgol
left a comment
There was a problem hiding this comment.
A few more minor comments but it looks almost done to me, thanks!
|
@skrobinson before applying further updates, could you rebase this PR over current |
Signed-off-by: Sean Robinson <[email protected]>
Unsuccessful responses may not contain text convertible to the intended type (e.g. json, script, etc.) using the normal converter. The two added test cases only check for `dataType: "script"`. Fixes jquerygh-4250 Signed-off-by: Sean Robinson <[email protected]>
Signed-off-by: Sean Robinson <[email protected]>
The exact error message is platform dependent, so just check that a message is present. Firefox says "File not found" while Chrome says "Not Found". Signed-off-by: Sean Robinson <[email protected]>
The original change was meant to prompt Travis tests before submitting a Pull Request. With a PR in, this is no longer necessary. This reverts commit 1146399. Signed-off-by: Sean Robinson <[email protected]>
Signed-off-by: Sean Robinson <[email protected]>
s.dataType is optional and may be undefined. Look for "script" in the chain of convertible types. Expands tests by building on mgol's previous work mocking failed services. Signed-off-by: Sean Robinson <[email protected]>
The original flow was an attempt to keep a pristine copy of the default options. But, it doesn't account for how JavaScript works. The object literal is created anew on each call to request and does not need to be protected. Signed-off-by: Sean Robinson <[email protected]>
The jQuery project's standard missing file is 404.txt. Signed-off-by: Sean Robinson <[email protected]>
Use a common object which fails any test attempting to convert the response as a script. Signed-off-by: Sean Robinson <[email protected]>
Signed-off-by: Sean Robinson <[email protected]>
Signed-off-by: Sean Robinson <[email protected]>
Signed-off-by: Sean Robinson <[email protected]>
skrobinson
force-pushed
the
wip-gh-4250-v2
branch
from
f701a76 to
db906f0
Compare
|
@mgol These latest changes are complete and I've rebased onto today's master. |
|
Landed, thanks @skrobinson for keeping up with our review comments! |
|
Backported to |
5 participants
Summary
Fix for #4250.
Checklist