[Catalyst] JSONP support Catalyst::Controller::DBIC::API

Hartmaier Alexander alexander.hartmaier at t-systems.at
Fri Mar 17 10:06:20 GMT 2017 

If someone wants JSONP support, yes.

Best regards, Alex


On 2017-03-16 18:07, Rajesh Kumar Mallah wrote:
>
>
>
> Ok are you suggesting DBIC::API needs to be enhanced for
> JSONP support ?
>
>
> Regds
> Mallah.
>
>> Looks like a code injection attack vector to me...
>>
>> Patch + Tests for DBIC::API welcome!
>>
>>
>> On 2017-03-09 11:05, Rajesh Kumar Mallah wrote:
>>>
>>>
>>> For the time being i have modified and solved my issue as below:
>>>
>>> sub end : Private {
>>>        my ( $self, $c ) = @_;
>>>
>>>        ##
>>>        # code for manipulating stash here
>>>        ##
>>>
>>>        $c->forward('serialize');
>>>
>>>        my $cb = $c->request->params->{callback} ;
>>>
>>>        if ($cb) {
>>>        my $body = \$c->res->body;
>>>        $$body = "$cb ($$body);";
>>>        $c->res->body($$body);
>>>        }
>>>
>>> }
>>>
>>>
>>> regds
>>> mallah.
>>>
>>>
>>>> Hi ,
>>>>
>>>> How to get JSON response body wrapped in a callback function
>>>> call (a.k.a JSONP) when using Catalyst::Controller::DBIC::API::REST
>>>>
>>>> I use Catalyst::Controller::DBIC::API and 'end' function
>>>> in ControllerBase is like below:
>>>>
>>>> sub end : Private {
>>>>       my ( $self, $c ) = @_;
>>>>
>>>>       ##
>>>>        # code for manipulating stash here
>>>>       ##
>>>>
>>>>       $c->forward('serialize');
>>>> }
>>>>
>>>> =============================================
>>>> In   Catalyst/Controller/DBIC/API.pm
>>>>
>>>> # from Catalyst::Action::Serialize
>>>> sub serialize : ActionClass('Serialize') { }
>>>>
>>>> =============================================
>>>>
>>>>
>>>> My other JSON responses which are rendered via MyApp::View::JSON
>>>> can be modified as JSONP compatible as i have below in my App config
>>>>
>>>> __PACKAGE__->config({
>>>>         'View::JSON' => {
>>>>             allow_callback  => 1,    # defaults to 0
>>>>         },
>>>> });
>>>>
>>>>
>>>> ===============================================
>>>>
>>>>
>>>> The problem is only with automatically generated rest endpoints
>>>> from  Catalyst::Controller::DBIC::API.
>>>>
>>>> Thanks in anticipation.
>>>>
>>>>
>>>> Regds
>>>> mallah.
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> List: Catalyst at lists.scsys.co.uk
>>> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
>>> Searchable archive:
>>> http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
>>> Dev site: http://dev.catalyst.perl.org/
>>
>>
>>
>   *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
>> T-Systems Austria GesmbH Rennweg 97-99, 1030 Wien
>> Handelsgericht Wien, FN 79340b
>>
>   *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
>> Notice: This e-mail contains information that is confidential and may be
>> privileged.
>> If you are not the intended recipient, please notify the sender and then
>> delete this e-mail immediately.
>>
>   *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
>> _______________________________________________
>> List: Catalyst at lists.scsys.co.uk
>> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
>> Searchable archive:
>> http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
>> Dev site: http://dev.catalyst.perl.org/
>>
>
>
>
>
> _______________________________________________
> List: Catalyst at lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
> Dev site: http://dev.catalyst.perl.org/

More information about the Catalyst mailing list