
Commit b7258ef

authored
fix: error 500 on request with 'empty' accept headers, e.g. 'accept: 0' or 'accept: ' (#5767)
* BUG: Error 500 on request with 'empty' Accept headers, e.g. 'Accept: 0' or 'Accept: '
1 parent 8d04dcf commit b7258ef


2 files changed

+35
-1
lines changed


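--- a/src/Symfony/EventListener/AddFormatListener.php
+++ b/src/Symfony/EventListener/AddFormatListener.php
@@ -16,6 +16,7 @@
 use ApiPlatform\Api\FormatMatcher;
 use ApiPlatform\Metadata\Resource\Factory\ResourceMetadataCollectionFactoryInterface;
 use ApiPlatform\Util\OperationRequestInitiatorTrait;
+use Negotiation\Exception\InvalidArgument;
 use Negotiation\Negotiator;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpKernel\Event\RequestEvent;
@@ -73,8 +74,15 @@ public function onKernelRequest(RequestEvent $event): void
 // First, try to guess the format from the Accept header
 /** @var string|null $accept */
 $accept = $request->headers->get('Accept');
+
 if (null !== $accept) {
-if (null === $mediaType = $this->negotiator->getBest($accept, $mimeTypes)) {
+try {
+$mediaType = $this->negotiator->getBest($accept, $mimeTypes);
+} catch (InvalidArgument) {
+throw $this->getNotAcceptableHttpException($accept, $flattenedMimeTypes);
+}
+
+if (null === $mediaType) {
 throw $this->getNotAcceptableHttpException($accept, $flattenedMimeTypes);
 }
 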
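Review bot: The new `catch (InvalidArgument)` in onKernelRequest turns every InvalidArgument from `getBest()` into a 406, and as far as I recall the negotiator raises that same type for an empty priorities list, so a resource with no configured MIME types would be reported as a client error rather than a server fault; `$mimeTypes` is built outside this hunk, so that needs confirming there. The caught exception is discarded rather than kept as the previous exception, so the original cause is not attached to the 406. On style, the two `throw` statements are identical and could be folded by writing `} catch (InvalidArgument) { $mediaType = null; }` and letting the existing `null === $mediaType` check raise the error. The raw `$accept` value still goes into the exception message, so whatever renders or logs that message has to treat it as client-controlled text. The method body starts and ends outside the hunk.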

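--- a/tests/Symfony/EventListener/AddFormatListenerTest.php
+++ b/tests/Symfony/EventListener/AddFormatListenerTest.php
@@ -264,6 +264,32 @@ public function testInvalidAcceptHeader(): void
 $listener->onKernelRequest($event);
 }
 
+public function testZeroAcceptHeader(): void
+{
+$this->expectException(NotAcceptableHttpException::class);
+$this->expectExceptionMessage('Requested format "0" is not supported. Supported MIME types are "application/octet-stream", "application/json"');
+
+$request = new Request([], [], ['_api_resource_class' => 'Foo', '_api_operation_name' => 'get']);
+$request->headers->set('Accept', '0');
+
+$eventProphecy = $this->prophesize(RequestEvent::class);
+$eventProphecy->getRequest()->willReturn($request);
+$event = $eventProphecy->reveal();
+
+$resourceMetadataFactoryProphecy = $this->prophesize(ResourceMetadataCollectionFactoryInterface::class);
+$resourceMetadataFactoryProphecy->create('Foo')->shouldBeCalled()->willReturn(new ResourceMetadataCollection('Foo', [
+new ApiResource(operations: [
+'get' => new Get(outputFormats: [
+'binary' => ['application/octet-stream'],
+'json' => ['application/json'],
+]),
+]),
+]));
+
+$listener = new AddFormatListener(new Negotiator(), $resourceMetadataFactoryProphecy->reveal());
+$listener->onKernelRequest($event);
+}
+
 public function testAcceptHeaderTakePrecedenceOverRequestFormat(): void
 {
 $request = new Request([], [], ['_api_resource_class' => 'Foo', '_api_operation_name' => 'get']);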
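Review bot: Only `Accept: 0` is exercised by testZeroAcceptHeader; the empty-value case named in the commit title (`Accept: `) has no test, although it is presumably the other input that reaches the new catch branch. A second case using `$request->headers->set('Accept', '');` and expecting `NotAcceptableHttpException` would pin it. A data provider feeding both header values into one test method would avoid copying the request and resource-metadata setup again.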
