Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

rack-parser

Package Overview
Dependencies
Maintainers
1
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

rack-parser

  • 0.7.0
  • Rubygems
  • Socket score

Version published
Maintainers
1
Created
Source

Rack::Parser

Rack::Parser is a rack middleware that allows your application to do decode/parse incoming post data into param hashes for your applications to use. You can provide a custom Parser for things like JSON, XML, MSGPACK using your library of choice.

Installation

install it via rubygems:

gem install rack-parser

or put it in your Gemfile:

# Gemfile

gem 'rack-parser', :require => 'rack/parser'

Usage

In a Sinatra or Padrino application, it would probably be something like:

# app.rb

use Rack::Parser, :parsers => { 'application/json' => proc { |data| JSON.parse data },
                               'application/xml'  => proc { |data| XML.parse data },
                               %r{msgpack}        => proc { |data| Msgpack.parse data }
                             }

Content Type Parsing

By default, Rack::Parser uses JSON decode/parse your JSON Data. This can be overwritten if you choose not to use them. You can do it like so:

use Rack::Parser, :parsers => {
  'application/json' => proc { |body| MyCustomJsonEngine.do_it body },
  'application/xml'  => proc { |body| MyCustomXmlEngine.decode body },
  'application/roll' => proc { |body| 'never gonna give you up'     }
}

Error Handling

Rack::Parser comes with a default error handling response that is sent if an error is to occur. If a logger is present, it will try to warn with the content type and error message.

You can additionally customize the error handling response as well to whatever it is you like:

use Rack::Parser, :handlers => {
  'application/json' => proc { |e, type| [400, { 'Content-Type' => type }, ["broke"]] }
}

The error handler expects to pass both the error and content_type so that you can use them within your responses. In addition, you can override the default response as well.

If no content_type error handling response is present, it will return 400

Do note, the error handler rescues exceptions that are descents of StandardError. See http://www.mikeperham.com/2012/03/03/the-perils-of-rescue-exception/

Regex Matching

With version 0.4.0, you can specify regex matches for the content types that you want the parsers and handlers to match.

NOTE: you need to explicitly pass a Regexp for it to regex match.

parser  = proc { |data| JSON.parse data }
handler = proc { |e, type| [400, {}, 'boop'] }
use Rack::Parser, :parsers  => { %r{json}   => parser },
                  :handlers => { %r{heyyyy} => handler }

Inspirations

This project came to being because of:

  • Niko Dittmann's rack-post-body-to-params which some of its ideas are instilled in this middleware.
  • Rack::PostBodyContentTypeParser from rack-contrib which proved to be an inspiration for both libraries.

External Sources/Documentations

Contributors

  • Stephen Becker IV - For initial custom error response handling work.
  • Tom May - skip loading post body unless content type is set.
  • Moonsik Kang - skip rack parser for content types that are not explicitly set.
  • Guillermo Iguaran - Updating multi_xml version dependency for XML/YAML exploit
  • Doug Orleans - Handle only post-body parsing errors and let upstream errors propogate downstream
  • Akshay Moghe - Make default error handler rack compliant by responding to #each and use StandardError

Copyright © 2011,2012,2013 Arthur Chiu. See MIT-LICENSE for details.

FAQs

Package last updated on 05 Apr 2016

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc