From 1b44e6fe0f8eefbfc541470fb4bffb56eab074da Mon Sep 17 00:00:00 2001 From: Thomas Lamprecht Date: Sun, 4 Apr 2021 17:05:56 +0200 Subject: [PATCH] REST handler: make API return validation opt-in It has not shown any real value in the last decade+ it was enabled, and it can actually add quite some performance overhead. E.g., if an API endpoint returns a few 100k of relatively simple entries we can easily require several seconds, even tens of seconds, to run the return validation - making it easier to run into timeouts along the transmit path to the client. The CLI handler has it still enabled, normally there's no timeout there as no HTTP transmit path is involved, and d.csapak had a slight preference for that in an off-list discussion. The actual implementations in PMG or PVE could enable it too if running under debug mode. Signed-off-by: Thomas Lamprecht --- src/PVE/RESTHandler.pm | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/src/PVE/RESTHandler.pm b/src/PVE/RESTHandler.pm index cf854f6..b9e27e9 100644 --- a/src/PVE/RESTHandler.pm +++ b/src/PVE/RESTHandler.pm @@ -426,7 +426,7 @@ sub find_handler { } sub handle { - my ($self, $info, $param) = @_; + my ($self, $info, $param, $result_verification) = @_; my $func = $info->{code}; @@ -449,13 +449,13 @@ sub handle { $param->{'extra-args'} = [map { /^(.*)$/ } @$extra] if $extra; } - my $result = &$func($param); + my $result = $func->($param); # the actual API code execution call - # todo: this is only to be safe - disable? - if (my $schema = $info->{returns}) { + if ($result_verification && (my $schema = $info->{returns})) { + # return validation is rather lose-lose, as it can require quite a bit of time and lead to + # false-positive errors, any HTTP API handler should avoid enabling it by default. PVE::JSONSchema::validate($result, $schema, "Result verification failed\n"); } - return $result; } @@ -861,7 +861,7 @@ sub cli_handler { $replace_file_names_with_contents->($param, $param_map); } - $res = $self->handle($info, $param); + $res = $self->handle($info, $param, 1); }; if (my $err = $@) { my $ec = ref($err);