diff options
author | colin <colin@cicadas.surf> | 2024-08-17 08:46:04 -0700 |
---|---|---|
committer | colin <colin@cicadas.surf> | 2024-08-17 08:46:04 -0700 |
commit | 18dd5aface1c3f21a3c2c1d5e35a59279212a4f2 (patch) | |
tree | 5b9ee38d069f69584ed9b2ae1c09918090a95780 /src | |
parent | 9bf073c54f6a6dc70e01aa032fc53e2f06532275 (diff) |
Add check-request-compliance method and get-header function
Diffstat (limited to 'src')
-rw-r--r-- | src/endpoint.lisp | 1 | ||||
-rw-r--r-- | src/package.lisp | 2 | ||||
-rw-r--r-- | src/protocol.lisp | 16 |
3 files changed, 19 insertions, 0 deletions
diff --git a/src/endpoint.lisp b/src/endpoint.lisp index 5c2a386..00f681f 100644 --- a/src/endpoint.lisp +++ b/src/endpoint.lisp @@ -386,6 +386,7 @@ the ;." (content-type (content-type class))) (lambda () + (check-request-compliance class) (setf (http:content-type*) content-type) (handle (instantiate-endpoint class init-slots))))) diff --git a/src/package.lisp b/src/package.lisp index 1d12ea4..1563c07 100644 --- a/src/package.lisp +++ b/src/package.lisp @@ -13,6 +13,7 @@ (#:mop #:closer-mop)) (:export ;; HANDLER PROTOCOL + #:check-request-compliance #:authenticate #:authorize #:handle @@ -23,6 +24,7 @@ #:endpoint-redirect #:route-to #:get-cookie + #:get-header #:err ;; re-exports diff --git a/src/protocol.lisp b/src/protocol.lisp index f94364a..74019b1 100644 --- a/src/protocol.lisp +++ b/src/protocol.lisp @@ -101,6 +101,17 @@ that the request has insufficient permissions to evoke the endpoint handler. ")) ;;; HANDLER PROTOCOL +(defgeneric check-request-compliance (endpoint-instance-class) + (:documentation "This function is called before instances the endpoint class are +created; This occurrs before the HTTP request's body has been +read. All request headers are available for inspection. + +This is meant to enforce higher-level or server-wide policies, such as +on the size of request bodies.") + (:method ((epclass symbol)) + (check-request-compliance (find-class epclass))) + (:method ((epclass t)))) + (defgeneric authenticate (endpoint) (:documentation "Returns a boolean. Any protected endpoint should implement this. Called before handling, should be used to supply @@ -161,6 +172,11 @@ AUTHORIZE while handling endpoint-class instance EP." "Returns the cookie with name NAME the actively" (http:cookie-in name)) +(defun get-header (name) + "Returns the string value of the header named NAME, which can be a +string or keyword." + (http:header-in* name)) + (define-condition request-error (error) ((content :reader error-content :initarg :content :initform "Bad Request") (mimetype :reader error-content-mimetype :initarg :mimetype :initform "text/plain") |