This page is not created by, affiliated with, or supported by Slack Technologies, Inc.
2023-11-13
Channels
- # announcements (2)
- # babashka (30)
- # beginners (44)
- # biff (20)
- # calva (15)
- # cider (7)
- # clerk (4)
- # clojure (15)
- # clojure-austin (1)
- # clojure-europe (35)
- # clojure-hungary (1)
- # clojure-nl (1)
- # clojure-norway (6)
- # clojure-uk (7)
- # clojurescript (33)
- # conjure (1)
- # cryogen (1)
- # cursive (3)
- # data-science (8)
- # docker (2)
- # emacs (78)
- # gratitude (2)
- # hyperfiddle (26)
- # improve-getting-started (1)
- # jobs-discuss (12)
- # lsp (7)
- # malli (11)
- # missionary (57)
- # off-topic (14)
- # pathom (13)
- # portal (6)
- # reagent (6)
- # releases (3)
- # ring (25)
- # shadow-cljs (18)
- # squint (11)
- # vim (3)
Hi folks, I’m using reitit.ring.coercion/coerce-request-middleware
with malli, what can I do to avoid losing keys that are not defined in my schema. For example. If I send this parameters
{:parameters {:body {:username "my-username"
:email ""
:phone }}}
and my schema is something like
(def MySchema
(malli.core/schema [:map [:username :string]
[:email :string]]))
map schemas are open by default, but I’m not able to get the :phone
parameter in my handler once it goes through the coerce-request-middleware
unless I explicitly define it. I would like to be able to get any key that is not explicitly defined in my schema. What should I do?Are the extra keys dropped altogether, or just not being converted to keywords? Can you (get body "phone")
?
Depending on the answer to that, you might want to try something like:
(def MySchema
(malli.core/schema [:and [:map [:username :string]
[:email :string]]
[:map-of :keyword :any]]))
@U055XFK8V nowadays, you can define the “extra keys” like Schema does:
(m/validate
[:map
[:x :int]
[:y :int]
[::m/default [:map-of :int :int]]]
{:x 1, :y 2, 1 1, 2 2})
; => true
but, :map
has also the :closed
property:
1. [:map]
- open by default (but reitit closes all maps for better web security)
2. [:map {:closed true}]
- explicitly closed
3. [:map {:closed false}]
- explicitly open
… with reitit, I would:
• if it’s just one schema, use the option 3
• if it’s all schemas, I would look for the malli coercion options, you can remove the “close by default” thing
@U055XFK8V the extra keys are dropped altogether.
Thanks @ikitommi will try those options.
@ikitommi Are there more details about these two options in https://github.com/metosin/reitit/blob/620d0c271175a4e11d91d922b26c8162660db3f9/doc/coercion/malli_coercion.md#configuring-coercion?
;; add/set default values
:default-values true
;; malli options
:options nil
For the record, setting :strip-extra-keys false
and mu/open-schema
worked like a charm! Thx
Hi @ikitommi You said “(but reitit closes all maps for better web security)“. What kind of risks are we facing if we open all schemas?
Storage, injection, denial attacks, are all risks you take on when you let any data into your system at large
Hi @ikitommi You said “(but reitit closes all maps for better web security)“. What kind of risks are we facing if we open all schemas?