我应该在响应中包含输入查询参数吗?
假设我有一个返回人名的端点。 我允许我的客户按国家/地区过滤结果。
我想知道,我是否应该在响应中包含country属性,即使它与客户端请求的匹配。
例如,当用户发送下面的请求时
/人?国家=英国
我应该回去吗?
[{"name":"tom"},{"name"="tim"}]要么
[{"name":"tom","country":"UK"},{"name":"tim","country":"UK"}]作为回应?
Should I include the input query parameter in the response?
Let's say that I have an endpoint which returns people's names. I am allowing my client to filter the result by country.
I wonder, should I include the country property in the response or not, even though it matches what the client requested.
For example when the user sends the below request
/people?country=UK
should I return
[{"name":"tom"},{"name"="tim"}]or
[{"name":"tom","country":"UK"},{"name":"tim","country":"UK"}]as the response?
最满意答案
取决于客户需要的数据。
如果你只想告诉客户他们要求什么,你可以在你的API中有一些约定,那就是有一个顶层节点,它显示请求中的参数是什么产生了这个响应。
{"requestParams":"country=UK&city=London", data: [{"name":"tom", "street":"Wallaby"}, {"name":"tim", "street":"West"}]
但是你肯定不希望通过返回请求参数来返回敏感信息。
Depends on what data the client needs.
If you just want a way to tell the client what they requested, you could have some convention in your API that there's a top-level node that shows what the parameters in the request were that generated this reponse.
{"requestParams":"country=UK&city=London", data: [{"name":"tom", "street":"Wallaby"}, {"name":"tim", "street":"West"}]
But you definitely don't want to risk returning sensitive information by returning the request params.
更多推荐
发布评论