aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/endpoint.lisp1
-rw-r--r--src/package.lisp2
-rw-r--r--src/protocol.lisp16
3 files changed, 19 insertions, 0 deletions
diff --git a/src/endpoint.lisp b/src/endpoint.lisp
index 5c2a386..00f681f 100644
--- a/src/endpoint.lisp
+++ b/src/endpoint.lisp
@@ -386,6 +386,7 @@ the ;."
(content-type
(content-type class)))
(lambda ()
+ (check-request-compliance class)
(setf (http:content-type*) content-type)
(handle (instantiate-endpoint class init-slots)))))
diff --git a/src/package.lisp b/src/package.lisp
index 1d12ea4..1563c07 100644
--- a/src/package.lisp
+++ b/src/package.lisp
@@ -13,6 +13,7 @@
(#:mop #:closer-mop))
(:export
;; HANDLER PROTOCOL
+ #:check-request-compliance
#:authenticate
#:authorize
#:handle
@@ -23,6 +24,7 @@
#:endpoint-redirect
#:route-to
#:get-cookie
+ #:get-header
#:err
;; re-exports
diff --git a/src/protocol.lisp b/src/protocol.lisp
index f94364a..74019b1 100644
--- a/src/protocol.lisp
+++ b/src/protocol.lisp
@@ -101,6 +101,17 @@ that the request has insufficient permissions to evoke the endpoint handler. "))
;;; HANDLER PROTOCOL
+(defgeneric check-request-compliance (endpoint-instance-class)
+ (:documentation "This function is called before instances the endpoint class are
+created; This occurrs before the HTTP request's body has been
+read. All request headers are available for inspection.
+
+This is meant to enforce higher-level or server-wide policies, such as
+on the size of request bodies.")
+ (:method ((epclass symbol))
+ (check-request-compliance (find-class epclass)))
+ (:method ((epclass t))))
+
(defgeneric authenticate (endpoint)
(:documentation "Returns a boolean. Any protected endpoint should implement
this. Called before handling, should be used to supply
@@ -161,6 +172,11 @@ AUTHORIZE while handling endpoint-class instance EP."
"Returns the cookie with name NAME the actively"
(http:cookie-in name))
+(defun get-header (name)
+ "Returns the string value of the header named NAME, which can be a
+string or keyword."
+ (http:header-in* name))
+
(define-condition request-error (error)
((content :reader error-content :initarg :content :initform "Bad Request")
(mimetype :reader error-content-mimetype :initarg :mimetype :initform "text/plain")