diff --git a/rest/httpx/requests.go b/rest/httpx/requests.go index 115cd11f..e5c4be4a 100644 --- a/rest/httpx/requests.go +++ b/rest/httpx/requests.go @@ -83,8 +83,13 @@ func ParseHeader(headerValue string) map[string]string { // Parses the post request which contains json in body. func ParseJsonBody(r *http.Request, v interface{}) error { - var reader io.Reader + switch r.Method { + case http.MethodDelete, http.MethodPatch, http.MethodPost, http.MethodPut: + default: + return ErrBodylessRequest + } + var reader io.Reader if withJsonBody(r) { reader = io.LimitReader(r.Body, maxBodyLen) } else { diff --git a/rest/httpx/requests_test.go b/rest/httpx/requests_test.go index 49ecaa7e..a6411479 100644 --- a/rest/httpx/requests_test.go +++ b/rest/httpx/requests_test.go @@ -134,6 +134,26 @@ func BenchmarkParseRaw(b *testing.B) { } } +func TestParseJsonBodyless(t *testing.T) { + methods := []string{ + http.MethodConnect, + http.MethodGet, + http.MethodHead, + http.MethodOptions, + http.MethodTrace, + } + + for _, method := range methods { + t.Run(method, func(t *testing.T) { + r, err := http.NewRequest(http.MethodGet, "http://hello.com", nil) + if err != nil { + t.Fatal(err) + } + assert.Equal(t, ErrBodylessRequest, ParseJsonBody(r, nil)) + }) + } +} + func BenchmarkParseAuto(b *testing.B) { r, err := http.NewRequest(http.MethodGet, "http://hello.com/a?name=hello&age=18&percent=3.4", nil) if err != nil { diff --git a/rest/httpx/constants.go b/rest/httpx/vars.go similarity index 81% rename from rest/httpx/constants.go rename to rest/httpx/vars.go index 3df99c8d..f4a6d6d9 100644 --- a/rest/httpx/constants.go +++ b/rest/httpx/vars.go @@ -1,5 +1,7 @@ package httpx +import "errors" + const ( ApplicationJson = "application/json" ContentEncoding = "Content-Encoding" @@ -17,3 +19,5 @@ const ( CodeSignatureWrongTime CodeSignatureInvalidToken ) + +var ErrBodylessRequest = errors.New("not a POST|PUT|PATCH request")