NAME
App::CamelPKI::Action::JSON - Adapting the Catalyst execution environment for JSON requests.
SYNOPSIS
In the root controller (prefered method - else you must do it everywhere):
use App::CamelPKI::Action::JSON;
sub end : ActionClass('RenderView') {
my ($self, $c) = @_;
App::CamelPKI::Action::JSON->finalize_errors($c);
}
In a regular controller:
sub my_json_controller : ActionClass("+App::CamelPKI::Action::JSON") {
my ($self, $c, $request_structure) = @_;
...
}
Note: the MyAction("JSON")
form documented in Catalyst::Manual::Actions is not implemented in the version of Catalyst released with Ubuntu Edgy, so we don't use it for now (as Edgy is the current development platform).
DESCRIPTION
The ActionClass("+App::CamelPKI::Action::JSON")
annotation states that this Catalyst action process and returns JSON. Affixing this annotation changes the behavior of Catalyst in the following ways:
The App::CamelPKI::View::JSON view is selected;
If an error is raised, it is served in
text/plain
instead of HTML (see "end" in App::CamelPKI);The cross-site request forgery attack (<http://en.wikipedia.org/wiki/JSON#Security_issues>) is blocked.
How to call a JSON view to do JSON-RPC
Set the Accept
header to a value containing the substring application/json
, lest the request be rejected. This is to thwart the cross-site request forgery attack, by ensuring that the deputy is not confused (that is, that the browser actually was aware that it was invoking a JSON resource).
METHODS
- execute($controller, $c)
-
Performs half of this module's mojo. All the gory details are in Catalyst::Manual::Actions.
- finalize_errors($c)
-
Performs the other half of this module's mojo: signaling errors in text format if an error occurs, and if "execute" has been called for this request. To be called from the
end
action of the root controller, as indicated in "SYNOPSIS".