[aerogear-dev] Validation for creating/updating push apps and their variants
Kris Borchers
kris at redhat.com
Wed Sep 18 08:40:58 EDT 2013
+1
On Sep 18, 2013, at 7:35 AM, Matthias Wessendorf <matzew at apache.org> wrote:
> No, it's more like
>
> * may not be null
> * is to long
>
> etc
>
> Not providing IDs, credentials etc. Makes sense ?
>
>
> On Wed, Sep 18, 2013 at 2:32 PM, Kris Borchers <kris at redhat.com> wrote:
> I will say +1 for this as long as none of the error messages returned introduce security issues by exposing too much info.
>
> On Sep 18, 2013, at 4:27 AM, Matthias Wessendorf <matzew at apache.org> wrote:
>
>> Following up on [1], currently we give 400 (Bad Request), with no good meaning, when creating/updating a PushApplication or a Variant;
>>
>>
>> The HTML page(!) simply says "The request sent by the client was syntactically incorrect "
>>
>> As suggested in [1] a good idea is using Bean Validation and returning better errors.
>>
>> The result would be a 400 (Bad Request) response, containing the errors and their messages as a JSON object (instead of a HTML page).
>>
>> E.g.:
>>
>> {"name":"may not be null"}
>>
>> This is a) more meaningful and we can also get rid of our 'hard-coded' validation rules, like:
>> https://github.com/aerogear/aerogear-unifiedpush-server/blob/master/src/main/java/org/jboss/aerogear/unifiedpush/rest/registry/applications/AndroidVariantEndpoint.java#L79-L82
>>
>> -Matthias
>>
>>
>> [1] https://issues.jboss.org/browse/AGPUSH-255
>>
>> --
>> Matthias Wessendorf
>>
>> blog: http://matthiaswessendorf.wordpress.com/
>> sessions: http://www.slideshare.net/mwessendorf
>> twitter: http://twitter.com/mwessendorf
>> _______________________________________________
>> aerogear-dev mailing list
>> aerogear-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>
>
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>
>
>
> --
> Matthias Wessendorf
>
> blog: http://matthiaswessendorf.wordpress.com/
> sessions: http://www.slideshare.net/mwessendorf
> twitter: http://twitter.com/mwessendorf
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/aerogear-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/aerogear-dev/attachments/20130918/db872bc7/attachment.html
More information about the aerogear-dev
mailing list