Send HTTP header from Orbeon XForm submission - orbeon

I have an API that depends on certain HTTP Headers for specific behavior. Example would be HTTP Header If-Matches on a POST to support updating only if version matches the value of If-Matches.
How would I send these HTTP headers from an Orbeon XForms submission?

The xf:submission element supports a nested xf:header element, which allows you to set custom headers. For example:
<xf:header>
<xf:name>If-Matches</xf:name>
<xf:value>whatever value</xf:value>
</xf:header>
The name and value can be dynamic using the value attribute. You can use many xf:header children elements. For more, see The header Element from the XForms 1.1 specification.

Related

What happens when we pass extra field in request body(JSON) in a OpenAPI POST endpoint

I was working on Swagger generated OpenAPI specification and I noticed that if we pass some extra fields in PUT/POST API endpoint, then the server doesn't throw any error, even though it process all valid/necessary field.
So my doubt is that
Should the server throw error in this case?
Is it the OpenAPI standard to allow unknown fields and then ignore them?
In Swagger specification 2.0 there is no option to reject the extra fields passed in the request body. Server will only accept those fields that are allowed in the request definition and other fields will be ignored.
If you want to disallow extra fields then you can handle these in the backend manually.

Swagger openApi Spec 3.0 - DELETE operation

I am using swagger openapi specification 3.0 to generate swagger from my interface. I have a delete method where it accepts request-body. But according to RFC7231, DELETE does not accept any request body. Also Swagger-request body tells that so. But my API is designed to accept request body in DELETE operation. Is there any work around in creating swagger such that DELETE operation accepts request body. Currently what error I am getting from swagger generation is,
Sematic error: DELETE operations cannot have a requestBody
No, you cannot use the OpenAPI 3.0 Specification and Swagger tools to implement DELETE requests with a request body. As you correctly pointed out, the HTTP RFC says the DELETE request body has no defined semantics (and thus should be avoided), and OpenAPI 3.0 specifically disallows bodies in HTTP methods where the body does not have defined semantics. See this discussion for some context.
Consider changing your API design, for example, replace the DELETE body with path, query string or header parameters. Check out RESTful Alternatives to DELETE Request Body for some ideas.
This type of operation (DELETE, GET requests with a body) was explicitly banned in Open API 3.0. Prior to that it was allowed or vague.

What is the media type of an OpenAPI schema?

Whenever searching for this I find resources on how to specify the media type of a resource that the schema defines, but I can't see an answer on what the actual media type of the schema itself is.
Given the way HTTP works, it makes sense to me that if I request the right content type with the Accept header, my server can respond appropriately.
Thus, if I request /products with Accept: application/json I would get products in JSON format, but if I requested openapi-whatever I would get the OpenAPI schema.
I think I can probably use either application/openapi+json or application/openapi+yaml, but I can't see anything about it in the actual specification.
I'm not sure whether or not I actually want to use the Accept header for this difference, but I certainly want to respond with the correct Content-Type header in any case.
The OpenAPI Initiative's Technical Steering Committee (TSC) approved the following media types:
application/vnd.oai.openapi (YAML variant)
application/vnd.oai.openapi+json (JSON only variant)
with an optional version parameter:
application/vnd.oai.openapi;version=2.0
However, these media types are not yet registered with IANA.
This seems to be newer (Sept. 2021):
application/openapi+yaml
application/openapi+json
https://www.ietf.org/archive/id/draft-polli-rest-api-mediatypes-00.html

Add header to PostHttp processsor Apache Nifi

Im trying to add a custom header in my post request header in apache nifi, I have seen that in the configuration tab there's Attributes to send as http header (regex) I'm not very familiar with regex, any idea how to add a header and its value like the following : token : READ ?
PostHttp's "Attributes to Send as HTTP Headers (Regex)" property can accept a regex, but it will work just fine to specify a single attribute name like token. If you had multiple attribute you wanted to name, you could use a pipe to "or" them together:
token|attrib2|attrib3
For each attribute you selected, the attribute name and value are sent as the HTTP header name and value.

Spring-WS WSA header contains hardcoded mustUnderstand attribute

When sending WSA headers with Spring-WS, the wsa:To field always contains the attribute mustUnderstand="true". By looking at the source code, I found that this attribute is hardcoded in AbstractAddressingVersion.java. Based on the W3 standard the mustUnderstand attribute is not mandatory I think.
Is there a reason why Spring-WS hardcodes it? We have difficulties when integrating Spring-WS with some other SOAP stacks because of this attribute.
If you file a JIRA here, we can make it customizable.

Resources