Univention Bugzilla – Bug 54241
UDM REST API Swagger UI adds strange headers and parameters to queries
Last modified: 2021-12-13 14:57:04 CET
The Swagger UI of the UDM REST API by default adds 5 useless and confusing headers and parameters: * "User-Agent: UCS 4.4-1-errata241" * "Accept-Language: de-DE; q=1.0, en-US; q=0.9" * scope=sub * query={"": "*"} * hidden=true to both the WebUI and the query sent to the server. A helpful feature of the Swagger UI is that it constructs the curl call that would result in the desired request. This feature is often used by developers to copy the call into their code and translate it into programming language. The unnecessary headers and parameters make the call unnecessary complicated: curl -X GET "https://m40.uni.dtr/univention/udm/users/user/?scope=sub&query%5B%5D=%2A&hidden=true" -H "accept: application/json" -H "User-Agent: UCS 4.4-1-errata241" -H "Accept-Language: de-DE; q=1.0, en-US; q=0.9" instead of: curl -X GET "https://m40.uni.dtr/univention/udm/users/user/" -H "accept: application/json" Remove the unnecessary and confusing headers and parameters.
BTW: "User-Agent: UCS 4.4-1-errata241" root@m40:~# univention-app info UCS: 5.0-0 errata164
(In reply to Daniel Tröder from comment #0) > The Swagger UI of the UDM REST API by default adds 5 useless and confusing > headers and parameters: These are examples on the usage. > * "User-Agent: UCS 4.4-1-errata241" OK, may be removed but this is what the CLI client sends (with the correct UCS Version). We could instead fix the version. > * "Accept-Language: de-DE; q=1.0, en-US; q=0.9" This should still be added, as Content-Negotiation based on this is done. > * scope=sub > * query={"": "*"} > * hidden=true At least one of them is required so that the request is treated as search.
(In reply to Florian Best from comment #2) > (In reply to Daniel Tröder from comment #0) > > The Swagger UI of the UDM REST API by default adds 5 useless and confusing > > headers and parameters: > These are examples on the usage. They are confusing. It is enough to put them into the description of the field. > > * "User-Agent: UCS 4.4-1-errata241" > OK, may be removed but this is what the CLI client sends (with the correct > UCS Version). We could instead fix the version. This is not sent by my browser or any of my Python clients. There should not be anything hard coded. If a client sends such a string that's fine, but it is not required in the SwaggerUI. > > * "Accept-Language: de-DE; q=1.0, en-US; q=0.9" > This should still be added, as Content-Negotiation based on this is done. This is not required and not sent by any real world client. The server can set this internally as default if nothing sent and it needs that, but it is not required in the SwaggerUI. > > * scope=sub > > * query={"": "*"} > > * hidden=true > At least one of them is required so that the request is treated as search. As above: That is an unnecessary requirement for a client. It is the standard, that a resource lists its collection without a filter, when no parameter is sent. Why require clients to send something when it can simply be the default? As with the arguments above, this requirement should be removed.