removing ssz-only flag ( reverting feature) and fix accept header middleware (#15433)

* removing ssz-only flag * gaz * reverting other uses of sszonly * gaz * adding kasey and radek's suggestions * update changelog * adding test * radek advice with new headers and tests * adding logs and fixing comments * adding logs and fixing comments * gaz * Update validator/client/beacon-api/rest_handler_client.go Co-authored-by: Radosław Kapka <rkapka@wp.pl> * Update api/apiutil/header.go Co-authored-by: Radosław Kapka <rkapka@wp.pl> * Update api/apiutil/header.go Co-authored-by: Radosław Kapka <rkapka@wp.pl> * radek's comments * adding another failing case based on radek's suggestion * another unit test --------- Co-authored-by: Radosław Kapka <rkapka@wp.pl>
2026-01-09 13:28:01 -05:00 · 2025-07-22 11:06:51 -05:00
parent c21fae239f
commit 77958022e7
17 changed files with 394 additions and 152 deletions
--- a/api/apiutil/BUILD.bazel
+++ b/api/apiutil/BUILD.bazel
@@ -2,18 +2,28 @@ load("@prysm//tools/go:def.bzl", "go_library", "go_test")

 go_library(
    name = "go_default_library",
-    srcs = ["common.go"],
+    srcs = [
+        "common.go",
+        "header.go",
+    ],
    importpath = "github.com/OffchainLabs/prysm/v6/api/apiutil",
    visibility = ["//visibility:public"],
-    deps = ["//consensus-types/primitives:go_default_library"],
+    deps = [
+        "//consensus-types/primitives:go_default_library",
+        "@com_github_sirupsen_logrus//:go_default_library",
+    ],
 )

 go_test(
    name = "go_default_test",
-    srcs = ["common_test.go"],
+    srcs = [
+        "common_test.go",
+        "header_test.go",
+    ],
    embed = [":go_default_library"],
    deps = [
        "//consensus-types/primitives:go_default_library",
        "//testing/assert:go_default_library",
+        "//testing/require:go_default_library",
    ],
 )
--- a/api/apiutil/header.go
+++ b/api/apiutil/header.go
@@ -0,0 +1,122 @@
+package apiutil
+
+import (
+	"mime"
+	"sort"
+	"strconv"
+	"strings"
+
+	log "github.com/sirupsen/logrus"
+)
+
+type mediaRange struct {
+	mt   string  // canonicalised media‑type, e.g. "application/json"
+	q    float64 // quality factor (0‑1)
+	raw  string  // original string – useful for logging/debugging
+	spec int     // 2=exact, 1=type/*, 0=*/*
+}
+
+func parseMediaRange(field string) (mediaRange, bool) {
+	field = strings.TrimSpace(field)
+
+	mt, params, err := mime.ParseMediaType(field)
+	if err != nil {
+		log.WithError(err).Debug("Failed to parse header field")
+		return mediaRange{}, false
+	}
+
+	r := mediaRange{mt: mt, q: 1, spec: 2, raw: field}
+
+	if qs, ok := params["q"]; ok {
+		v, err := strconv.ParseFloat(qs, 64)
+		if err != nil || v < 0 || v > 1 {
+			log.WithField("q", qs).Debug("Invalid quality factor (0‑1)")
+			return mediaRange{}, false // skip invalid entry
+		}
+		r.q = v
+	}
+
+	switch {
+	case mt == "*/*":
+		r.spec = 0
+	case strings.HasSuffix(mt, "/*"):
+		r.spec = 1
+	}
+	return r, true
+}
+
+func hasExplicitQ(r mediaRange) bool {
+	return strings.Contains(strings.ToLower(r.raw), ";q=")
+}
+
+// ParseAccept returns media ranges sorted by q (desc) then specificity.
+func ParseAccept(header string) []mediaRange {
+	if header == "" {
+		return []mediaRange{{mt: "*/*", q: 1, spec: 0, raw: "*/*"}}
+	}
+
+	var out []mediaRange
+	for _, field := range strings.Split(header, ",") {
+		if r, ok := parseMediaRange(field); ok {
+			out = append(out, r)
+		}
+	}
+
+	sort.SliceStable(out, func(i, j int) bool {
+		ei, ej := hasExplicitQ(out[i]), hasExplicitQ(out[j])
+		if ei != ej {
+			return ei // explicit beats implicit
+		}
+		if out[i].q != out[j].q {
+			return out[i].q > out[j].q
+		}
+		return out[i].spec > out[j].spec
+	})
+	return out
+}
+
+// Matches reports whether content type is acceptable per the header.
+func Matches(header, ct string) bool {
+	for _, r := range ParseAccept(header) {
+		switch {
+		case r.q == 0:
+			continue
+		case r.mt == "*/*":
+			return true
+		case strings.HasSuffix(r.mt, "/*"):
+			if strings.HasPrefix(ct, r.mt[:len(r.mt)-1]) {
+				return true
+			}
+		case r.mt == ct:
+			return true
+		}
+	}
+	return false
+}
+
+// Negotiate selects the best server type according to the header.
+// Returns the chosen type and true, or "", false when nothing matches.
+func Negotiate(header string, serverTypes []string) (string, bool) {
+	for _, r := range ParseAccept(header) {
+		if r.q == 0 {
+			continue
+		}
+		for _, s := range serverTypes {
+			if Matches(r.mt, s) {
+				return s, true
+			}
+		}
+	}
+	return "", false
+}
+
+// PrimaryAcceptMatches only checks if the first accept matches
+func PrimaryAcceptMatches(header, produced string) bool {
+	for _, r := range ParseAccept(header) {
+		if r.q == 0 {
+			continue // explicitly unacceptable – skip
+		}
+		return Matches(r.mt, produced)
+	}
+	return false
+}
--- a/api/apiutil/header_test.go
+++ b/api/apiutil/header_test.go
@@ -0,0 +1,174 @@
+package apiutil
+
+import (
+	"testing"
+
+	"github.com/OffchainLabs/prysm/v6/testing/require"
+)
+
+func TestParseAccept(t *testing.T) {
+	type want struct {
+		mt   string
+		q    float64
+		spec int
+	}
+
+	cases := []struct {
+		name   string
+		header string
+		want   []want
+	}{
+		{
+			name:   "empty header becomes */*;q=1",
+			header: "",
+			want:   []want{{mt: "*/*", q: 1, spec: 0}},
+		},
+		{
+			name:   "quality ordering then specificity",
+			header: "application/json;q=0.2, */*;q=0.1, application/xml;q=0.5, text/*;q=0.5",
+			want: []want{
+				{mt: "application/xml", q: 0.5, spec: 2},
+				{mt: "text/*", q: 0.5, spec: 1},
+				{mt: "application/json", q: 0.2, spec: 2},
+				{mt: "*/*", q: 0.1, spec: 0},
+			},
+		},
+		{
+			name:   "invalid pieces are skipped",
+			header: "text/plain; q=boom, application/json",
+			want:   []want{{mt: "application/json", q: 1, spec: 2}},
+		},
+	}
+
+	for _, tc := range cases {
+		t.Run(tc.name, func(t *testing.T) {
+			got := ParseAccept(tc.header)
+			gotProjected := make([]want, len(got))
+			for i, g := range got {
+				gotProjected[i] = want{mt: g.mt, q: g.q, spec: g.spec}
+			}
+			require.DeepEqual(t, gotProjected, tc.want)
+		})
+	}
+}
+
+func TestMatches(t *testing.T) {
+	cases := []struct {
+		name    string
+		accept  string
+		ct      string
+		matches bool
+	}{
+		{"exact match", "application/json", "application/json", true},
+		{"type wildcard", "application/*;q=0.8", "application/xml", true},
+		{"global wildcard", "*/*;q=0.1", "image/png", true},
+		{"explicitly unacceptable (q=0)", "text/*;q=0", "text/plain", false},
+		{"no match", "image/png", "application/json", false},
+	}
+
+	for _, tc := range cases {
+		t.Run(tc.name, func(t *testing.T) {
+			got := Matches(tc.accept, tc.ct)
+			require.Equal(t, tc.matches, got)
+		})
+	}
+}
+
+func TestNegotiate(t *testing.T) {
+	cases := []struct {
+		name        string
+		accept      string
+		serverTypes []string
+		wantType    string
+		ok          bool
+	}{
+		{
+			name:        "highest quality wins",
+			accept:      "application/json;q=0.8,application/xml;q=0.9",
+			serverTypes: []string{"application/json", "application/xml"},
+			wantType:    "application/xml",
+			ok:          true,
+		},
+		{
+			name:        "wildcard matches first server type",
+			accept:      "*/*;q=0.5",
+			serverTypes: []string{"application/octet-stream", "application/json"},
+			wantType:    "application/octet-stream",
+			ok:          true,
+		},
+		{
+			name:        "no acceptable type",
+			accept:      "image/png",
+			serverTypes: []string{"application/json"},
+			wantType:    "",
+			ok:          false,
+		},
+	}
+
+	for _, tc := range cases {
+		t.Run(tc.name, func(t *testing.T) {
+			got, ok := Negotiate(tc.accept, tc.serverTypes)
+			require.Equal(t, tc.ok, ok)
+			require.Equal(t, tc.wantType, got)
+		})
+	}
+}
+
+func TestPrimaryAcceptMatches(t *testing.T) {
+	tests := []struct {
+		name     string
+		accept   string
+		produced string
+		expect   bool
+	}{
+		{
+			name:     "prefers json",
+			accept:   "application/json;q=0.9,application/xml",
+			produced: "application/json",
+			expect:   true,
+		},
+		{
+			name:     "wildcard application beats other wildcard",
+			accept:   "application/*;q=0.2,*/*;q=0.1",
+			produced: "application/xml",
+			expect:   true,
+		},
+		{
+			name:     "json wins",
+			accept:   "application/xml;q=0.8,application/json;q=0.9",
+			produced: "application/json",
+			expect:   true,
+		},
+		{
+			name:     "json loses",
+			accept:   "application/xml;q=0.8,application/json;q=0.9,application/octet-stream;q=0.99",
+			produced: "application/json",
+			expect:   false,
+		},
+		{
+			name:     "json wins with non q option",
+			accept:   "application/xml;q=0.8,image/png,application/json;q=0.9",
+			produced: "application/json",
+			expect:   true,
+		},
+		{
+			name:     "json not primary",
+			accept:   "image/png,application/json",
+			produced: "application/json",
+			expect:   false,
+		},
+		{
+			name:     "absent header",
+			accept:   "",
+			produced: "text/plain",
+			expect:   true,
+		},
+	}
+
+	for _, tc := range tests {
+		t.Run(tc.name, func(t *testing.T) {
+			got := PrimaryAcceptMatches(tc.accept, tc.produced)
+			require.Equal(t, got, tc.expect)
+		})
+	}
+}
--- a/api/server/middleware/BUILD.bazel
+++ b/api/server/middleware/BUILD.bazel
@@ -10,6 +10,7 @@ go_library(
    visibility = ["//visibility:public"],
    deps = [
        "//api:go_default_library",
+        "//api/apiutil:go_default_library",
        "@com_github_rs_cors//:go_default_library",
        "@com_github_sirupsen_logrus//:go_default_library",
    ],
--- a/api/server/middleware/middleware.go
+++ b/api/server/middleware/middleware.go
@@ -7,6 +7,7 @@ import (
 	"strings"

 	"github.com/OffchainLabs/prysm/v6/api"
+	"github.com/OffchainLabs/prysm/v6/api/apiutil"
 	"github.com/rs/cors"
 	log "github.com/sirupsen/logrus"
 )
@@ -74,42 +75,10 @@ func ContentTypeHandler(acceptedMediaTypes []string) Middleware {
 func AcceptHeaderHandler(serverAcceptedTypes []string) Middleware {
 	return func(next http.Handler) http.Handler {
 		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-			acceptHeader := r.Header.Get("Accept")
-			// header is optional and should skip if not provided
-			if acceptHeader == "" {
-				next.ServeHTTP(w, r)
+			if _, ok := apiutil.Negotiate(r.Header.Get("Accept"), serverAcceptedTypes); !ok {
+				http.Error(w, "Not Acceptable", http.StatusNotAcceptable)
 				return
 			}
-
-			accepted := false
-			acceptTypes := strings.Split(acceptHeader, ",")
-			// follows rules defined in https://datatracker.ietf.org/doc/html/rfc2616#section-14.1
-			for _, acceptType := range acceptTypes {
-				acceptType = strings.TrimSpace(acceptType)
-				if acceptType == "*/*" {
-					accepted = true
-					break
-				}
-				for _, serverAcceptedType := range serverAcceptedTypes {
-					if strings.HasPrefix(acceptType, serverAcceptedType) {
-						accepted = true
-						break
-					}
-					if acceptType != "/*" && strings.HasSuffix(acceptType, "/*") && strings.HasPrefix(serverAcceptedType, acceptType[:len(acceptType)-2]) {
-						accepted = true
-						break
-					}
-				}
-				if accepted {
-					break
-				}
-			}
-
-			if !accepted {
-				http.Error(w, fmt.Sprintf("Not Acceptable: %s", acceptHeader), http.StatusNotAcceptable)
-				return
-			}
-
 			next.ServeHTTP(w, r)
 		})
 	}