Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:122239
Return-Path: <tovilo.ilija@gmail.com>
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 72384 invoked from network); 24 Jan 2024 11:01:20 -0000
Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5)
  by pb1.pair.com with SMTP; 24 Jan 2024 11:01:20 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=php.net; s=mail;
	t=1706094124; bh=OEm9uty3rkcgV+rIKzfRSBkeEVtd9OtJHcDMXh6hDIQ=;
	h=References:In-Reply-To:From:Date:Subject:To:From;
	b=blM8UAJ6qM/Lb/VyBx3dkOUcCfxrm/8NpHF8pO47MNHIo/gtYIr2zW72gLI0koZSq
	 eSE7EZcl6meGQQqJpRzlnV7kFwuJ9xVjIP3UKWxwOOHwUZNd/Gg6t6M8qOpIPIyTYX
	 f56hYtFXUmAscKeJ9GQ73/qsAyCcuG596QkXXDJb174319b/+PUh6yva57lG5iz5T+
	 y9jHgCSqrhDq1+KgKqGPuLdlDksJEJVDmzxb30OHdkZotLhJoAjtMCinGB4XYuuFwz
	 XVke4Qp6eGXZPGVdNJa26GCJoUvSxkIEhHr7eZMhPjBmpDjRmVzE76fDtlrtT3EcFJ
	 JJ8jCETwhY3eQ==
Received: from php-smtp4.php.net (localhost [127.0.0.1])
	by php-smtp4.php.net (Postfix) with ESMTP id A0D91180064
	for <internals@lists.php.net>; Wed, 24 Jan 2024 03:02:03 -0800 (PST)
X-Spam-Checker-Version: SpamAssassin 4.0.0 (2022-12-13) on php-smtp4.php.net
X-Spam-Level: 
X-Spam-Status: No, score=-3.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,DMARC_PASS,FREEMAIL_FROM,
	RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS
	autolearn=no autolearn_force=no version=4.0.0
X-Spam-Virus: No
X-Envelope-From: <tovilo.ilija@gmail.com>
Received: from mail-qk1-f175.google.com (mail-qk1-f175.google.com [209.85.222.175])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
	(No client certificate requested)
	by php-smtp4.php.net (Postfix) with ESMTPS
	for <internals@lists.php.net>; Wed, 24 Jan 2024 03:02:03 -0800 (PST)
Received: by mail-qk1-f175.google.com with SMTP id af79cd13be357-783045e88a6so384291185a.0
        for <internals@lists.php.net>; Wed, 24 Jan 2024 03:01:19 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1706094078; x=1706698878; darn=lists.php.net;
        h=content-transfer-encoding:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:from:to:cc:subject:date
         :message-id:reply-to;
        bh=XUEFGn8pYP7KRwRUDz5tgU8CTMsWNpU7c3EEeKTWBNg=;
        b=LIKlpVWLZJQ697cZwN9+7U8R1XKdq27akUM82O+Ez1obDuAtvmWi9aixrmI56wLdP5
         /aOT3rMy85R0/9fPp3CXWUCKcpYowFTqSSrrbv2THO3xOddvp6wONLfw6x1ZR1Sj+nsa
         pQjsUu73KKDuUbO35LSmoD4qVXLA43pcuw6hBwLjPetADO/GaTk8mRUFtGI+NYxskPoz
         Tz0JnggTcjLZOUiJRiqH8tmSDYQ0uLTwFMT2dZDs1gnCHmjC9kbYrJDsm8438LnqBBG5
         xODXPzshZyeWYKLCGnAWON/tfIp9IbaNLbIuWkmza0A01CuQcmlXZ9F5vV/zWSeEm/Sq
         /3KA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1706094078; x=1706698878;
        h=content-transfer-encoding:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=XUEFGn8pYP7KRwRUDz5tgU8CTMsWNpU7c3EEeKTWBNg=;
        b=ig+dCyGv3J89e9kyJJT8RwoqXB/XuxkVMu0TIizZRbXq3DvhgbbjPvL2LgT+24ff3t
         eX1QZSbKaNLWbUSGCq4+IGEjr7Il9DhAF7NKNY7o/za9+PN48e/9GsbIwyz7Nk6JH+O6
         IuzF22EYIbsAXodV8AbSEs9Yjc/96w7nL7vBSS5xYxFJFJsqljNlwPaqm7QZ0MUnNBLX
         9uR/W1CU3WNQ8Ru7tcQISCiAIo1GTtEbL0lU1h8e2ae/yshXvL23LKrSy1/+Ol0qv8X1
         17ui9Qqu9IuyPNCznjg52PV5PUKakwx/PlqferZrPUclPed/6+GWEPdjiUBbrGsHHCL9
         8RFw==
X-Gm-Message-State: AOJu0YzxmtawUVMRPHAJsT1YUOVbQiJkhbP1v0ylEv6udx6GaaP1kOKR
	sXZRV7l6LFY/yBI82RY9YJVlfCasz0RgoiGf5XsYEyStglwSKFg2WRcp3Y/QCIu8pKwyVBnVyDx
	tbt81wx6D5FIl/oxcF3k9VqHY9TWVVv+bdqhvlg==
X-Google-Smtp-Source: AGHT+IFVH3guQO+PS2JcSFKBo2LMz/M+YqUT0FRAYEuEXCsaZh9gw8jKr2c1fGatWxeyWypWT3dyPpLTnihz3tOb2QY=
X-Received: by 2002:ad4:5bce:0:b0:686:ac36:f5fd with SMTP id
 t14-20020ad45bce000000b00686ac36f5fdmr1408551qvt.110.1706094078160; Wed, 24
 Jan 2024 03:01:18 -0800 (PST)
MIME-Version: 1.0
References: <CAPyj-LD2W0E+xz0Je5LscQ7d4UONxT2T1eZ0Pw6YjC3wHNbGhg@mail.gmail.com>
 <CAESVnVpMr+TPAwaRve_7sRmeZcLEu37iFH0cgsCQD98DQHxH2w@mail.gmail.com>
In-Reply-To: <CAESVnVpMr+TPAwaRve_7sRmeZcLEu37iFH0cgsCQD98DQHxH2w@mail.gmail.com>
Date: Wed, 24 Jan 2024 12:01:07 +0100
Message-ID: <CAPyj-LC3+8Ok4RFPrqSmeDOE9wmzJ7x37gFc7=iKXz=NuwGS5A@mail.gmail.com>
To: PHP internals <internals@lists.php.net>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Subject: Re: [PHP-DEV] [RFC][Vote] RFC1867 for non-POST HTTP verbs
From: tovilo.ilija@gmail.com (Ilija Tovilo)

Hi Sara

Thank you for your feedback.

On Tue, Jan 23, 2024 at 8:41=E2=80=AFPM Sara Golemon <pollita@php.net> wrot=
e:
>
> On Mon, Jan 22, 2024 at 1:24=E2=80=AFAM Ilija Tovilo <tovilo.ilija@gmail.=
com> wrote:
>
> > I started the vote on the "RFC1867 for non-POST HTTP verbs" RFC.
> > https://wiki.php.net/rfc/rfc1867-non-post
> >
>
> 1/ This function reaches into the SAPI to pull out the "special" body
> data.  That's great, but what about uses where providing an input string
> makes sense.  For that, and for point 2, I'd suggest
> `http_parse_query(string $query, ?array $options =3D null): array|object`=
.

The RFC previously included support for the $input_stream variable
(string is not very appropriate for multipart because the input may be
arbitrarily large). The implementation wasn't complex, but it required
duplication of all the reads to support both a direct read from the
SAPI and a read from the stream, duplication of some limit checks and
special passing of the streams to avoid SAPI API breakage.

As for actual use cases, I found limited evidence that this function
would be useful for worker-based services _right now_. Most services
handle request parsing in some other layer. For example, RoadRunner
has a Go server that stores the file to disk, and then just passes the
appropriate path to PHP in the $_FILES array. It seems to me that a
custom input would be useful exclusively for a web server written in
PHP. The one that was pointed out to me (AdapterMan) handles requests
as strings, which would not scale for multipart requests.

I don't mind getting back to this if AdapterMan rewrites request
handling to use streams. Adding back the $input_stream parameter can
be done with no BC breaks. But for the time being, I don't think the
motivation is big enough to justify the added complexity.

Additionally, because multipart is used exclusively as a request
content type, it isn't useful in a general sense either, because a PHP
request will typically only receive one request (but potentially
multiple responses, in case it communicates with other servers).

> 2/ `request_` represents a new psuedo-namespace, functions are easier to
> find and associate if we keep them grouped.  I recommend 'http_` because =
it
> compliments the very related function `http_build_query()`, and for the
> version of this function which refers directly to the request:
> `http_parse_request(?array $options =3D null) : array|object`.

That's fair. If the name bothers you I can create an amendment RFC. I
think http_parse_body() would be a bit more appropriate, because
request implies more than just the body.

Ilija