NAME

App::CamelPKI::Action::JSON - Adapting the Catalyst execution environment for JSON requests.

SYNOPSIS

In the root controller (prefered method - else you must do it everywhere):

    use App::CamelPKI::Action::JSON;
    sub end : ActionClass('RenderView') {
        my ($self, $c) = @_;
        App::CamelPKI::Action::JSON->finalize_errors($c);
    }

In a regular controller:

    sub my_json_controller : ActionClass("+App::CamelPKI::Action::JSON") {
        my ($self, $c, $request_structure) = @_;
        ...
    }

Note: the MyAction("JSON") form documented in Catalyst::Manual::Actions is not implemented in the version of Catalyst released with Ubuntu Edgy, so we don't use it for now (as Edgy is the current development platform).

DESCRIPTION

The ActionClass("+App::CamelPKI::Action::JSON") annotation states that this Catalyst action process and returns JSON. Affixing this annotation changes the behavior of Catalyst in the following ways:

  • The App::CamelPKI::View::JSON view is selected;

  • If an error is raised, it is served in text/plain instead of HTML (see "end" in App::CamelPKI);

  • The cross-site request forgery attack (<http://en.wikipedia.org/wiki/JSON#Security_issues>) is blocked.

How to call a JSON view to do JSON-RPC

Set the Accept header to a value containing the substring application/json, lest the request be rejected. This is to thwart the cross-site request forgery attack, by ensuring that the deputy is not confused (that is, that the browser actually was aware that it was invoking a JSON resource).

METHODS

execute($controller, $c)

Performs half of this module's mojo. All the gory details are in Catalyst::Manual::Actions.

finalize_errors($c)

Performs the other half of this module's mojo: signaling errors in text format if an error occurs, and if "execute" has been called for this request. To be called from the end action of the root controller, as indicated in "SYNOPSIS".