Commit 65862d8f authored by Zach Copley's avatar Zach Copley

Suppress HTTP error headers for JSONP API output

parent d73feb82
......@@ -126,6 +126,7 @@ class ApiAction extends Action
var $max_id = null;
var $since_id = null;
var $source = null;
var $callback = null;
var $access = self::READ_ONLY; // read (default) or read-write
......@@ -145,6 +146,7 @@ class ApiAction extends Action
parent::prepare($args);
$this->format = $this->arg('format');
$this->callback = $this->arg('callback');
$this->page = (int)$this->arg('page', 1);
$this->count = (int)$this->arg('count', 20);
$this->max_id = (int)$this->arg('max_id', 0);
......@@ -1185,9 +1187,8 @@ class ApiAction extends Action
header('Content-Type: application/json; charset=utf-8');
// Check for JSONP callback
$callback = $this->arg('callback');
if ($callback) {
print $callback . '(';
if (isset($this->callback)) {
print $this->callback . '(';
}
break;
case 'rss':
......@@ -1216,8 +1217,7 @@ class ApiAction extends Action
case 'json':
// Check for JSONP callback
$callback = $this->arg('callback');
if ($callback) {
if (isset($this->callback)) {
print ')';
}
break;
......@@ -1247,7 +1247,10 @@ class ApiAction extends Action
$status_string = ClientErrorAction::$status[$code];
header('HTTP/1.1 '.$code.' '.$status_string);
// Do not emit error header for JSONP
if (!isset($this->callback)) {
header('HTTP/1.1 '.$code.' '.$status_string);
}
if ($format == 'xml') {
$this->initDocument('xml');
......@@ -1280,7 +1283,10 @@ class ApiAction extends Action
$status_string = ServerErrorAction::$status[$code];
header('HTTP/1.1 '.$code.' '.$status_string);
// Do not emit error header for JSONP
if (!isset($this->callback)) {
header('HTTP/1.1 '.$code.' '.$status_string);
}
if ($content_type == 'xml') {
$this->initDocument('xml');
......
......@@ -227,7 +227,7 @@ class ApiAuthAction extends ApiAction
} catch (OAuthException $e) {
common_log(LOG_WARNING, 'API OAuthException - ' . $e->getMessage());
$this->showAuthError();
$this->clientError($e->getMessage(), 401, $this->format);
exit;
}
}
......@@ -265,7 +265,7 @@ class ApiAuthAction extends ApiAction
// show error if the user clicks 'cancel'
$this->showAuthError();
$this->clientError("Could not authenticate you.", 401, $this->format);
exit;
} else {
......@@ -298,7 +298,7 @@ class ApiAuthAction extends ApiAction
$proxy,
$ip);
common_log(LOG_WARNING, $msg);
$this->showAuthError();
$this->clientError("Could not authenticate you.", 401, $this->format);
exit;
}
}
......@@ -345,36 +345,4 @@ class ApiAuthAction extends ApiAction
}
}
}
/**
* Output an authentication error message. Use XML or JSON if one
* of those formats is specified, otherwise output plain text
*
* @return void
*/
function showAuthError()
{
header('HTTP/1.1 401 Unauthorized');
$msg = 'Could not authenticate you.';
if ($this->format == 'xml') {
header('Content-Type: application/xml; charset=utf-8');
$this->startXML();
$this->elementStart('hash');
$this->element('error', null, $msg);
$this->element('request', null, $_SERVER['REQUEST_URI']);
$this->elementEnd('hash');
$this->endXML();
} elseif ($this->format == 'json') {
header('Content-Type: application/json; charset=utf-8');
$error_array = array('error' => $msg,
'request' => $_SERVER['REQUEST_URI']);
print(json_encode($error_array));
} else {
header('Content-type: text/plain');
print "$msg\n";
}
}
}
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment