球拍中的POST/GET绑定 [英] POST/GET bindings in Racket

问题描述

是否有内置的方法可以在Racket中获取POST/GET参数? extract-binding和朋友做我想要的事，但有一封关于与文件上传相关的潜在安全风险的可怕说明，总结为

Is there a built-in way to get at POST/GET parameters in Racket? extract-binding and friends do what I want, but there's a dire note attached about potential security risks related to file uploads which concludes

因此，我们建议您反对他们 使用，但它们是为 与旧代码的兼容性.

Therefore, we recommend against their use, but they are provided for compatibility with old code.

我能想到的最好的方法是(并且请原谅我)

The best I can figure is (and forgive me in advance)

(bytes->string/utf-8 (binding:form-value (bindings-assq (string->bytes/utf-8 "[field_name_here]") (request-bindings/raw req))))

，但这似乎不必要地复杂(并且似乎会受到绑定"部分中记录的某些相同的错误的困扰).

but that seems unnecessarily complicated (and it seems like it would suffer from some of the same bugs documented in the Bindings section).

在给定字段名称和请求的情况下，是否有某种或多或少的标准，轻松的方法来获取POST/GET变量的值?还是更好的方法是，以列表/哈希/列表的形式返回POST/GET值的集合?除非有这两个功能，否则是否有一个功能可以做到这一点，但仅适用于POST变量，而忽略GET?

Is there a more-or-less standard, non-buggy way to get the value of a POST/GET-variable, given a field name and request? Or better yet, a way of getting back a collection of the POST/GET values as a list/hash/a-list? Barring either of those, is there a function that would do the same, but only for POST variables, ignoring GETs?

推荐答案

提取绑定很糟糕，因为它不区分大小写，对于多次返回的输入非常混乱，无法处理文件上传，并自动假定所有内容均为UTF-8，不一定是正确的.如果您可以接受这些问题，请随时使用它.

extract-binding is bad because it is case-insensitive, is very messy for inputs that return multiple times, doesn't have a way of dealing with file uploads, and automatically assumes everything is UTF-8, which isn't necessarily true. If you can accept those problems, feel free to use it.

当数据为UTF-8且仅返回一个字段时，您编写的代码段将起作用.您可以将其定义为一个函数，避免多次编写.

The snippet you wrote works when the data is UTF-8 and when there is only one field return. You can define it is a function and avoid writing it many times.

通常，我建议使用表单来处理表单及其值.

In general, I recommend using formlets to deal with forms and their values.

现在您的问题...

在给定字段名称和请求的情况下，是否有一种或多或少的标准，简便的方法来获取POST/GET变量的值?"

"Is there a more-or-less standard, non-buggy way to get the value of a POST/GET-variable, given a field name and request?"

您拥有的是标准的东西，尽管您错误地认为只有一个值.如果有多个，则需要过滤字段名称上的绑定.同样，您不需要将值转换为字符串，可以将其保留为字节就可以了.

What you have is the standard thing, although you wrongly assume that there is only one value. When there are multiple, you'll want to filter the bindings on the field name. Similarly, you don't need to turn the value into a string, you can leave it as bytes just fine.

或者更好的是，将POST/GET值的集合作为列表/哈希/列表返回的一种方法?"

"Or better yet, a way of getting back a collection of the POST/GET values as a list/hash/a-list?"

这就是请求绑定/原始操作.是绑定列表吗?对象.由于返回多个值，将其转换为哈希值没有意义.

That's what request-bindings/raw does. It is a list of binding? objects. It doesn't make sense to turn it into a hash due to multiple value returns.

除非其中任何一个，是否有一个函数可以执行相同的操作，但仅适用于POST变量，而忽略GET?"

"Barring either of those, is there a function that would do the same, but only for POST variables, ignoring GETs?"

Web服务器向您隐藏POST和GET之间的差异.您可以检查uri和原始帖子数据以恢复它们，但是您必须自己解析它们.我不推荐.

The Web server hides the difference between POSTs and GETs from you. You can inspect uri and raw post data to recover them, but you'd have to parse them yourself. I don't recommend it.

周杰伦

这篇关于球拍中的POST/GET绑定的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！