Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:108618
Return-Path: <mike@newclarity.net>
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 36617 invoked from network); 16 Feb 2020 13:34:18 -0000
Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5)
  by pb1.pair.com with SMTP; 16 Feb 2020 13:34:18 -0000
Received: from php-smtp4.php.net (localhost [127.0.0.1])
	by php-smtp4.php.net (Postfix) with ESMTP id 66B4F180504
	for <internals@lists.php.net>; Sun, 16 Feb 2020 03:49:09 -0800 (PST)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_NONE
	autolearn=no autolearn_force=no version=3.4.2
X-Spam-ASN: AS15169 209.85.128.0/17
X-Spam-Virus: No
X-Envelope-From: <mike@newclarity.net>
Received: from mail-yb1-f176.google.com (mail-yb1-f176.google.com [209.85.219.176])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by php-smtp4.php.net (Postfix) with ESMTPS
	for <internals@lists.php.net>; Sun, 16 Feb 2020 03:49:08 -0800 (PST)
Received: by mail-yb1-f176.google.com with SMTP id f130so7265036ybc.7
        for <internals@lists.php.net>; Sun, 16 Feb 2020 03:49:08 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=newclarity-net.20150623.gappssmtp.com; s=20150623;
        h=mime-version:subject:from:in-reply-to:date:cc
         :content-transfer-encoding:message-id:references:to;
        bh=n4NTYv9/tF3O+gZhq/76efxtl/7gIXoqIPwXcjuu9EM=;
        b=JuFaPM2+DQw6lowkZ9ToySL9lwf8wiBdkT+yzWipGHIX1UjuPkYkt37y0oQkXuanAe
         dbyCRvq7D71gWBnxWwI4x9O/g26IzwdbyFn/tTrmfBm4i4DTKjxLoU2wemWu2Kus4GLL
         ruV68A1y5UanVsr+bzAgXbiCSyQEOgklzbBdb9ZCfXsAi6fDLwIt6e778r5fagrBXXH+
         LIJyYZ3OaR5UCRNFEtPmb/3qMDDcsUHzBLersz3XNc3A2NB/WuU6azOSD+yNEAJNyUCv
         XCZhQH53wpfe/LeVbuuA57uAn/NXW94gQOlSurKqzA+UuLV78KeWNUKTmgWx4NTTcy/G
         206Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc
         :content-transfer-encoding:message-id:references:to;
        bh=n4NTYv9/tF3O+gZhq/76efxtl/7gIXoqIPwXcjuu9EM=;
        b=JOuo0eJ11JL1B11SwmcPCCkuz2Pisa2uWaxRVQGCH1siFPrPHamIMCBtlmUelJosn9
         D8XSsOOCMr5UZ+fVwsexaL0gMmhrS4deytukXXn/WUBeR/i94JOo8mKZdFkNfjo2xXyx
         ArX1OSitmCwAapJevn49dJFRyCJG4YFo7Qgm0BFvNafCYKStbo+UFuOLoFD8077cFhWW
         XJxVNjViWgghIDMHG7KVnMqfxbaTWSZwphmf5QzW73KQ2LZl1klTJtfvyT8sXgoGfvH9
         1c24C90ulDpCbmto+JG3H4xiUTSbCYEas3Ki85VBnejUJu+giVj5j7r0JFHsvX+NuwSG
         LUmA==
X-Gm-Message-State: APjAAAUxw9Ej4fTmWStNNHN+CHGgadleL/xT1HrATlUzLBn26im1SeOC
	hula8IS5kXcClca2Rarfp5wJdw==
X-Google-Smtp-Source: APXvYqzw2x8rQSKmRJe6sjVkCxplxnDI+O7jG7PNNujn+urXQRwwcS+zaeBLNYfSJRBYVDCuXrmbyQ==
X-Received: by 2002:a25:b90b:: with SMTP id x11mr9727346ybj.288.1581853742942;
        Sun, 16 Feb 2020 03:49:02 -0800 (PST)
Received: from ?IPv6:2601:c0:c680:5cc0:4989:923c:c86c:225a? ([2601:c0:c680:5cc0:4989:923c:c86c:225a])
        by smtp.gmail.com with ESMTPSA id g128sm4960879ywb.33.2020.02.16.03.49.01
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Sun, 16 Feb 2020 03:49:01 -0800 (PST)
Content-Type: text/plain;
	charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\))
In-Reply-To: <fcf43463-f9f7-4235-a84b-658074772ed7@www.fastmail.com>
Date: Sun, 16 Feb 2020 06:49:00 -0500
Cc: php internals <internals@lists.php.net>
Content-Transfer-Encoding: quoted-printable
Message-ID: <5180E584-2613-4F36-BCAD-4DD047EBC818@newclarity.net>
References: <50BD013E-CF72-414C-BBC0-A7A2E45CBDDB@pmjones.io>
 <CANUQDCiP31aEqULqeGpN66ESHarKxWuXgQt_CqWeCLZc+1L-fA@mail.gmail.com>
 <5904137.fSVIMsojiJ@mcmic-probook>
 <CDBA02D0-07E1-4723-947C-22B403E650C0@pmjones.io>
 <CA+hqhpcOqCqXuOh3bWavJ+pZ5VVhekUO9LkKgd9c+b98VVnZSA@mail.gmail.com>
 <CAG9XoMRm2Nqjg3UbCc5=1_8m2W7qf8QRoSVk6d_qENJCKE1=9A@mail.gmail.com>
 <fcf43463-f9f7-4235-a84b-658074772ed7@www.fastmail.com>
To: Larry Garfield <larry@garfieldtech.com>
X-Mailer: Apple Mail (2.3445.104.11)
Subject: Re: [PHP-DEV] RFC: Server-Side Request and Response Objects (v2)
From: mike@newclarity.net (Mike Schinkel)

> On Feb 15, 2020, at 3:01 AM, Larry Garfield <larry@garfieldtech.com> =
wrote:
>=20
> Data point:
>=20
> In PSR-7, the names used are:
>=20
> - queryParams: The query string values.
> - parsedBody: The body of the message, converted to a meaningful =
value. If the request type is a form, then it MUST be equivalent to =
$_POST.  If not, it's up to the particular implementation to determine =
what "parsed" means.  (Eg, parsing a JSON body of a POST into some =
domain object, or whatever.)
> - The raw body is a stream called "body", or rather an OOP wrapper =
around a stream since PHP's native stream interface is fugly.
> - There's specific handling for uploadedFiles, too.
>=20
> cf: https://www.php-fig.org/psr/psr-7/
>=20
> To the earlier point about existing implementations, while there are a =
myriad of older, custom implementations of abstractions around =
superglobals, there's only two that are not decade-old proprietary =
implementations: HttpFoundation and PSR-7.  Those are, realistically, =
the only implementations that matter.  Anything else would be on the =
same order of magnitude effort to port to one of those as to port to =
this proposal.  In a meaningful sense, those are the only "existing =
competition".  Both also have robust ecosystems that make leveraging =
them in an entirely custom app pretty straightforward.
>=20
> (Whatever your feelings of the technical merits of either design, =
that's the current state-of-the-market.)
>=20
> Which therefore begs the question, is this proposal intended to =
supplant HttpFoundation and PSR-7, or to become a common underpinning =
that both of them wrap, or to be a third cohabitating implementation in =
the ecosystem?
>=20
> It doesn't seem robust enough to supplant both of them entirely, =
there's little value to either HttpFoundation or PSR-7 to rewrite their =
guts to wrap this object (though it's easier for PSR-7, as an interface, =
for someone to write a new implementation of it than for =
HttpFoundation), which would mean we'd end up with a 3rd in-the-wild =
implementation for user space to keep track of.
>=20
> I am unclear how that is a market win.

The win is it allows developer to provide a simple to use object =
oriented interface *in core*. IOW, without having to bring in an =
external PHP-code implementation that may or may not break in the =
future. =20

Another big win would be to allow developers to deprecate use of =
superglobals in their own apps.  However Paul do not want to add an ini =
setting to disable the use of superglobals.

But how could disabling superglobals be done in HttpFoundation or PSR-7? =
 Maybe Paul will reconsider adding such an capability to his RFC because =
it is something we cannot get with HttpFoundation and PSR-7.

Or maybe we should be looking at is a core implementation of PSR-7 =
instead; one that would allow us to disable access to the superglobals? =
One that people could subclass, of course. If we did that, we might hash =
out why some developers do not use PSR-7 and possibly fix its =
(perceived?) faults in a new PSR to amend PSR-7.

-Mike