POST and PUT requests without (or with incorrect) `Content-Type` header should return a 415 error

Question

POST and PUT requests without (or with incorrect) `Content-Type` header should return a 415 error

florent-uzio opened this issue 4 years ago · 0 comments

Expected Behavior

If the Content-Type: application/json header is missing or incorrect, the PayID server should return a 415 error Unsupported Media Type.

Actual Behavior

If a POST or PUT request is made without (or with an incorrect) Content-Type: application/json, the PayID returns a 400 Bad Request with the following message, despite having a correct payId field in the body:

{
    "statusCode": 400,
    "error": "Bad Request",
    "message": "A `payId` must be provided in the request body."
}

Context

It can be misleading to see that a payId field is required even if it is present in the body.
The actual error doesn't describe what the real error is (an invalid Content-Type header).

Potential Solution

Let's use the new checkAdminApiContentTypeHeaders function in checkAdminApiHeaders.ts in the Admin routes.

Steps to Reproduce

Execute this cURL request which doesn't include Content-Type application/json:

curl --location --request POST 'http://127.0.0.1:8081/users' \
--header 'PayID-API-Version: 2020-05-28' \
--data-raw '{
	"payId": "alice$127.0.0.1",
	"addresses": [ 
		{
			"paymentNetwork": "XRPL",
			"environment": "TESTNET",
			"details": {
			  "address": "TVnGpXXZZ3xAZfhT42ntuCR4Uh3Rv9LE4BcZJeH1zds2CQ2"
			}
		}
	]
}'

Environment

Node version:
v13.8.0
NPM version:
6.14.5
Operating System and version:
MacOS Mojave 10.14.6
PayID server version:
Latest
PayID Version header (if applicable):
1.0

Screenshots

If applicable, add screenshots to help explain your problem.

Bonus

Are you willing to submit a pull request to fix this bug?
Yes