1 package Catalyst::TraitFor::Request::REST::ForBrowsers;
3 use namespace::autoclean;
5 with 'Catalyst::TraitFor::Request::REST';
9 has _determined_real_method => (
14 has looks_like_browser => (
18 builder => '_build_looks_like_browser',
22 # All this would be much less gross if Catalyst::Request used a builder to
23 # determine the method. Then we could just wrap the builder.
24 around method => sub {
28 return $self->$orig(@_)
29 if @_ || $self->_determined_real_method;
31 my $method = $self->$orig();
34 if ( defined $method && uc $method eq 'POST' ) {
35 $tunneled = $self->param('x-tunneled-method')
36 || $self->header('x-http-method-override');
39 $self->$orig( defined $tunneled ? uc $tunneled : $method );
41 $self->_determined_real_method(1);
43 return $self->$orig();
47 my %HTMLTypes = map { $_ => 1 } qw(
52 sub _build_looks_like_browser {
55 my $with = $self->header('x-requested-with');
57 if $with && grep { $with eq $_ }
58 qw( HTTP.Request XMLHttpRequest );
60 if ( uc $self->method eq 'GET' ) {
61 my $forced_type = $self->param('content-type');
63 if $forced_type && !$HTMLTypes{$forced_type};
66 # IE7 does not say it accepts any form of html, but _does_
67 # accept */* (helpful ;)
69 if $self->accepts('*/*');
72 if grep { $self->accepts($_) } keys %HTMLTypes;
75 if @{ $self->accepted_content_types() };
77 # If the client did not specify any content types at all,
78 # assume they are a browser.
91 Catalyst::TraitFor::Request::REST::ForBrowsers - A request trait for REST and browsers
97 use namespace::autoclean;
100 use CatalystX::RoleApplicator;
104 __PACKAGE__->apply_request_class_roles(qw[
105 Catalyst::TraitFor::Request::REST::ForBrowsers
110 Writing REST-y apps is a good thing, but if you're also trying to support web
111 browsers, you're probably going to need some hackish workarounds. This module
112 provides those workarounds for you.
114 Specifically, it lets you do two things. First, it lets you "tunnel" PUT and
115 DELETE requests across a POST, since most browsers do not support PUT or
116 DELETE actions (as of early 2009, at least).
118 Second, it provides a heuristic to check if the client is a web browser,
119 regardless of what content types it claims to accept. The reason for this is
120 that while a browser might claim to accept the "application/xml" content type,
121 it's really not going to do anything useful with it, and you're best off
126 This class provides the following methods:
128 =head2 $request->method
130 This method works just like C<< Catalyst::Request->method() >> except it
131 allows for tunneling of PUT and DELETE requests via a POST.
133 Specifically, you can provide a form element named "x-tunneled-method" which
134 can override the request method for a POST. This I<only> works for a POST, not
137 You can also use a header named "x-http-method-override" instead (Google uses
138 this header for its APIs).
140 =head2 $request->looks_like_browser
142 This attribute provides a heuristic to determine whether or not the request
143 I<appears> to come from a browser. You can use this however you want. I
144 usually use it to determine whether or not to give the client a full HTML page
145 or some sort of serialized data.
147 This is a heuristic, and like any heuristic, it is probably wrong
148 sometimes. Here is how it works:
154 If the request includes a header "X-Request-With" set to either "HTTP.Request"
155 or "XMLHttpRequest", this returns false. The assumption is that if you're
156 doing XHR, you don't want the request treated as if it comes from a browser.
160 If the client makes a GET request with a query string parameter
161 "content-type", and that type is I<not> an HTML type, it is I<not> a browser.
165 If the client provides an Accept header which includes "*/*" as an accepted
166 content type, the client is a browser. Specifically, it is IE7, which submits
167 an Accept header of "*/*". IE7's Accept header does not include any html types
172 If the client provides an Accept header and accepts either "text/html" or
173 "application/xhtml+xml" it is a browser.
177 If it provides an Accept header of any sort that doesn't match one of the
178 above criteria, it is I<not> a browser.
182 The default is that the client is a browser.
186 This all works well for my apps, but read it carefully to make sure it meets
187 your expectations before using it.
191 Dave Rolsky, C<< <autarch@urth.org> >>
195 Please report any bugs or feature requests to
196 C<bug-catalyst-action-rest@rt.cpan.org>, or through the web interface at
197 L<http://rt.cpan.org>. We will be notified, and then you'll automatically be
198 notified of progress on your bug as I make changes.
200 =head1 COPYRIGHT & LICENSE
202 Copyright 2008-2010 Dave Rolsky, All Rights Reserved.
204 This program is free software; you can redistribute it and/or modify it under
205 the same terms as Perl itself.