Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:108479 Return-Path: Delivered-To: mailing list internals@lists.php.net Received: (qmail 28976 invoked from network); 11 Feb 2020 15:00:46 -0000 Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5) by pb1.pair.com with SMTP; 11 Feb 2020 15:00:46 -0000 Received: from php-smtp4.php.net (localhost [127.0.0.1]) by php-smtp4.php.net (Postfix) with ESMTP id 92C44180539 for ; Tue, 11 Feb 2020 05:14:40 -0800 (PST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_LOW, SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.2 X-Spam-ASN: AS29169 217.70.176.0/20 X-Spam-Virus: No X-Envelope-From: Received: from relay9-d.mail.gandi.net (relay9-d.mail.gandi.net [217.70.183.199]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by php-smtp4.php.net (Postfix) with ESMTPS for ; Tue, 11 Feb 2020 05:14:39 -0800 (PST) X-Originating-IP: 107.223.28.39 Received: from samurai.attlocal.net (107-223-28-39.lightspeed.nsvltn.sbcglobal.net [107.223.28.39]) (Authenticated sender: pmjones@pmjones.io) by relay9-d.mail.gandi.net (Postfix) with ESMTPSA id 76436FF802; Tue, 11 Feb 2020 13:14:36 +0000 (UTC) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 13.0 \(3608.60.0.2.5\)) In-Reply-To: Date: Tue, 11 Feb 2020 07:14:35 -0600 Cc: PHP Internals List Content-Transfer-Encoding: quoted-printable Message-ID: References: <50BD013E-CF72-414C-BBC0-A7A2E45CBDDB@pmjones.io> To: =?utf-8?Q?Micha=C5=82_Brzuchalski?= X-Mailer: Apple Mail (2.3608.60.0.2.5) Subject: Re: [PHP-DEV] RFC: Server-Side Request and Response Objects (v2) From: pmjones@pmjones.io ("Paul M. Jones") Hi Micha=C5=82, Good to hear from you! (While writing this, I realized I made a couple of mistakes in the RFC = examples related to CONTENT_LENGTH and CONTENT_TYPE that might have = caused confusion; I have now fixed them.) > On Feb 10, 2020, at 10:46, Micha=C5=82 Brzuchalski = wrote: >=20 > Hi Paul, >=20 > thanks for bringing it back. Got some questions: >=20 > 1. In your RFC $_ENV is bound to $request. >=20 > Looking at HttpFoundation can see it's build from $_GET, $_POST, = $_FILES, $_COOKIE, $_SESSION and then looking at PSR ServerSideRequest = it's build from $_COOKIE, $_GET, $_POST, $_FILES, $_SERVER but none of = them bounds $_ENV. >=20 > Server environment variables basically don't change over time when = server process runs. What is the specific use case that requires them to = be coupled with $request instance? I have no specific use case; I recall that $_ENV showed up in more than = a couple of reviewed implementations, and so included it here. If there = is no objection from John Boehr (who did the majority of heavy lifting = C), or from anyone else, then I would be fine with removing the = ENV-related element. I have no strong feelings on $_ENV representation = either way. > 2. In your RFC all headers are mapped to $request properties >=20 > This behaviour is unclear and unusual to me, for eg. in summary can = see that if server request has "Header-Name" it is found in = $_SERVER["HTTP_HEADER_NAME"] and that one is bound to = $request->headers["header-name"], ok but the next line with example for = "Content-Type" shows that it's bound to $request->contentType - which = means > probably that it can be accessed in $request->headers["content-type"] = as well, right? seems logic. I'm not sure if that is a question/comment/criticism, or a statement of = "OK so far, but ...". Please bear with me, so I can make sure I'm = addressing your question properly. First: Not *all* headers are mapped to $request properties; the only = ones that get special $request properties are the ones that showed up as = frequently getting special treatment in other implementations. Next: the $header array is populated by all $_SERVER['HTTP_*'] values, = plus $_SERVER['CONTENT_TYPE'] and $_SERVER['CONTENT_LENGTH']. The latter = two do not follow the 'HTTP_*' pattern because of RFC 3875; they come in = as (e.g.) `Content-Type: text/plain`, so you might expect = $_SERVER['HTTP_CONTENT_TYPE'], but RFC 3875 dictates otherwise. Finally: yes, $request->header['content-type'] is available at the same = time as $request->contentType, but they are not quite the same thing. = The Content-Type header also allows you to specify a charset, which = value gets populated into $request->contentCharset. So, you can read = these values these ways: - $request->header['content-type'] =3D> 'text/plain; charset=3DUTF-8' = (the original header) - $request->contentType =3D> 'text/plain' (parsed out by ServerRequest) - $request->contentCharset =3D> 'UTF-8' (parsed out by ServerRequest) Likewise, PHP puts `Content-Length: 123' into = $_SERVER['CONTENT_LENGTH']; ServerRequest additionally puts it into = $request->headers['content-length'] as a string; and then further tries = to represent the value as an integer in $request->contentLength. So: - $request->server['CONTENT_LENGTH'] =3D> (string) '123' - $request->headers['content-length'] =3D> (string) '123' - $request->contentLength =3D> (int) 123 My apologies if all of that was stuff you already knew and understood. = (And if you did not already know it, maybe that means I should write up = a narrative of the logic being applied.) > Going further, for eg. $_SERVER["PHP_AUTH_PW"] is bound to = $request->authPw and then what will happen if the request will receive = "Auth-Pw" header? In that example, PHP would populate two $_SERVER elements: 'PHP_AUTH_PW' = from the password, and 'HTTP_AUTH_PW' from the header. ServerRequest = only populates PHP_AUTH_PW into $authPw; the HTTP_AUTH_PW value would = (per the above description) go into $request->headers['auth-pw']. I hope that made sense; let me know if it did not. > With those above I would see a set of getters like getContentType() or = getAuthPassword() etc. instead of ServerRequest instance properties and = a single point to retrieve header values just like well known = ParameterBag's from HttpFoundation to operate on get, post, headers etc. Does the above explanation help to modify your preferences here? If not, = we can continue talking about it. --=20 Paul M. Jones pmjones@pmjones.io http://paul-m-jones.com Modernizing Legacy Applications in PHP https://leanpub.com/mlaphp Solving the N+1 Problem in PHP https://leanpub.com/sn1php