Change default Accept header to application/json
#9309
Conversation
|
@sambostock: Thank you for submitting a pull request! Before we can merge it, you'll need to sign the Apollo Contributor License Agreement here: https://contribute.apollographql.com/ |
| @@ -95,7 +95,7 @@ const defaultHttpOptions: HttpQueryOptions = { | |||
|
|
|||
| const defaultHeaders = { | |||
| // headers are case insensitive (https://stackoverflow.com/a/5259004) | |||
| accept: '*/*', | |||
| accept: 'application/json', | |||
There was a problem hiding this comment.
This should probably be documented somewhere (in addition to in CHANGELOG).
It is probably worth considering if there are other sane defaults we should set here.
|
CI failures seem unrelated
|
Yes, it is related to this #9287. |
While the GraphQL spec does not specify JSON as the serialization format, it it by far the most popular. Therefore, it we can provide a better default accept header, especially given we already default to "application/json" for the content-type header. Consumers continue to have the ability to override this if necessary.
sambostock
force-pushed
the
improve-default-headers
branch
from
cec3787 to
c8f6903
Compare
jpvajda
added
🏓 awaiting-contributor-response
|
Hey @sambostock 👋 I'm going through some older PRs and came across this one. While I think this change is a positive one for the reasons you mention in the description, unfortunately this might be a breaking change for some users. I've added this to our 4.0 wishlist of things we're considering changing. In the meantime, I'm going to go ahead and close this. We'll revisit this when we get closer to development on 4.0. Appreciate the PR and thought put behind it! |
What
While the GraphQL spec does not specify JSON as the serialization format, it it by far the most popular.
Therefore, it we can provide a better default
acceptheader, especially given we already default toapplication/jsonfor thecontent-typeheader. Consumers continue to have the ability to override this if necessary.This changes the default
acceptheader from*/*toapplication/json.Why
Setting reasonable defaults can help consumers who might not think to set certain configuration, or who assume it is already being set.
One example of how this particular setting is useful is for consumers using an API behind an authorization reverse proxy (such as OAuth2-Proxy) which checks if the request is authorized before forwarding it to the actual GraphQL server. Many such services will check the
Acceptheader to determine the appropriate response for an unauthorized request. For example, OAuth2-Proxy's behaviour is:Currently, Apollo-Client uses
accept: */*, which means that unauthorized requests are routed to the authentication provider instead of resulting in a401 Unauthorizedresponse. Apollo-Client then follows the redirect resulting in it trying to handle a200 OKresponse containing an HTML login page, which blows up onJSON.parse.By setting a better default, these cases will result in a far more easily actioned error.
Checklist: