Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:108512
Return-Path: <me@kelunik.com>
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 68229 invoked from network); 12 Feb 2020 20:08:01 -0000
Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5)
  by pb1.pair.com with SMTP; 12 Feb 2020 20:08:01 -0000
Received: from php-smtp4.php.net (localhost [127.0.0.1])
	by php-smtp4.php.net (Postfix) with ESMTP id 194E0180590
	for <internals@lists.php.net>; Wed, 12 Feb 2020 10:22:11 -0800 (PST)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net
X-Spam-Level: 
X-Spam-Status: No, score=-2.4 required=5.0 tests=BAYES_00,DKIM_INVALID,
	DKIM_SIGNED,RCVD_IN_DNSWL_LOW,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,
	SPF_HELO_PASS,SPF_NONE autolearn=no autolearn_force=no version=3.4.2
X-Spam-ASN: AS6724 81.169.144.0/22
X-Spam-Virus: No
X-Envelope-From: <me@kelunik.com>
Received: from mo4-p00-ob.smtp.rzone.de (mo4-p00-ob.smtp.rzone.de [81.169.146.161])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by php-smtp4.php.net (Postfix) with ESMTPS
	for <internals@lists.php.net>; Wed, 12 Feb 2020 10:22:09 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1581531728;
	s=strato-dkim-0002; d=kelunik.com;
	h=To:Subject:Message-ID:Date:From:In-Reply-To:References:
	X-RZG-CLASS-ID:X-RZG-AUTH:From:Subject:Sender;
	bh=XDuketzQN83fOb4XI4ypPpvEhwQNoXzk7jITKJh2gDE=;
	b=mnS77OS//3zSlDCEC+IgbXhSR0fHx0oEYqd+SoGgVDB8qOTxfLbgtlGg9YcsEP2090
	U89Bx9OzKVqinnjPIksUFsZZh1Y3wfutc8cENLydCP5oppAkfGi65f7AuZ4pDgsIg3XW
	u03zc6WzvvEog8lnnfBi2QFuofB2JxcEQx1+zUPjrmzC32JYxTwtVp7o4C9y50ALSeS+
	Mb5VFAJHXxH1zl2jjuQVbzUYtjztP1BJUT/ABGyb68fGYhwQDhTUdlankyWXDjavMTW7
	6NWDZyWGDSX+JutgVw0SuigA2/U6kHEC5vhjbYMEaFz9vJOSRrbqw0ZK7jHx4StGTlCq
	NBug==
X-RZG-AUTH: ":IWkkfkWkbvHsXQGmRYmUo9mlsGbEv0XHBzMIJSS+jKTzde5mDb8AaBEcYyRB"
X-RZG-CLASS-ID: mo00
Received: from mail-vs1-f43.google.com
	by smtp.strato.de (RZmta 46.1.12 AUTH)
	with ESMTPSA id m00b15w1CIM7C7x
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256 bits))
	(Client did not present a certificate)
	for <internals@lists.php.net>;
	Wed, 12 Feb 2020 19:22:07 +0100 (CET)
Received: by mail-vs1-f43.google.com with SMTP id x18so2155528vsq.4
        for <internals@lists.php.net>; Wed, 12 Feb 2020 10:22:07 -0800 (PST)
X-Gm-Message-State: APjAAAXpapLaUeeRgV/fg0Be7IbVmR72dcXkPyJuSJ1MRyCPWTdwaZZz
	ZCpctwvRv1m8evln8B67oVM4LpqvMmb2nuwyk3o=
X-Google-Smtp-Source: APXvYqzmur2chn29CSMpJJnSy60zXXJQafBPVd8nJXpk4q8mxw0fTsSOLKpJvBjExRG04FvTKTmSx9gMYaKt7eY/t24=
X-Received: by 2002:a67:f14d:: with SMTP id t13mr13246817vsm.55.1581531727101;
 Wed, 12 Feb 2020 10:22:07 -0800 (PST)
MIME-Version: 1.0
References: <50BD013E-CF72-414C-BBC0-A7A2E45CBDDB@pmjones.io>
In-Reply-To: <50BD013E-CF72-414C-BBC0-A7A2E45CBDDB@pmjones.io>
Date: Wed, 12 Feb 2020 19:20:56 +0100
X-Gmail-Original-Message-ID: <CANUQDCiP31aEqULqeGpN66ESHarKxWuXgQt_CqWeCLZc+1L-fA@mail.gmail.com>
Message-ID: <CANUQDCiP31aEqULqeGpN66ESHarKxWuXgQt_CqWeCLZc+1L-fA@mail.gmail.com>
To: "Paul M. Jones" <pmjones@pmjones.io>, PHP Internals <internals@lists.php.net>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Subject: Re: [PHP-DEV] RFC: Server-Side Request and Response Objects (v2)
From: me@kelunik.com (Niklas Keller)

> Hi Internals,
>
> After a couple of years of incubation, I am happy to offer a second versi=
on of this RFC:
>
>   https://wiki.php.net/rfc/request_response
>
> It proposes an object-oriented approach around request and response funct=
ionality already existing in PHP, in order to reduce the global-state probl=
ems that come with superglobals and the various response-related functions.
>
> The SQLite "about" page says, "Think of SQLite not as a replacement for O=
racle but as a replacement for fopen()." <https://www.sqlite.org/about.html=
>  Likewise, think of this RFC not as a replacement for HttpFoundation or P=
SR-7, or as a model of HTTP messages, but as an object-oriented alternative=
 to superglobals, header(), setcookie(), setrawcookie(), and so on.
>
> Thanks in advance for your time and consideration while evaluating it.

Hey Paul,

I think the request / response API is entirely fine being solved in
userland instead of in php-src. However, since you already made such a
proposal, I want to give some feedback:

Naming

I think we shouldn't take over the naming of the super globals, e.g.
$_GET really contains the query parameters and has nothing to do with
GET or POST, so $request->getQueryParameter(...) would be a better
name.

Type Safety

I think the API should be type safe. Currently $request->get['key']
can be null | string | string[] | ... Most parameters only appear a
single time, so a method returning the first parameter value or null
could be used instead.

API Issues

I don't see any reason to keep specials such as
$_SERVER['HTTP_X_REQUESTED_WITH'] vs. $request->requestedWith, which
is just another HTTP header.

If there's $_SERVER['HTTP_X_HTTP_METHOD_OVERRIDE'] =3D> $request->method
and $_SERVER['REQUEST_METHOD'] =3D> $request->method, how can I get the
original  (actual) method?

Given 'echo $content; =3D> $response->setContent($content);', shouldn't
this rather be something like `addContent()`? How does streaming
responses work? There's ServerResponseSender, but I think this should
be part of the Response API.

The Request object should be mutable, e.g. you might want to change
the client IP to be based on a x-forwarded-header instead of the TCP
source address.

Other Commentary

> A: It supports async exactly as much as PHP itself does.

Not really. PHP has built-in stream_select / non-blocking streams, so
supports the tools required for async out of the box.

Regards, Niklas