nic-chen opened a new issue #2967: URL: https://github.com/apache/apisix/issues/2967
## Background In Apache APISIX Dashboard, we use a JSONSchema synchronized from APISIX for parameter verification. However, during the development and testing process, we found that there are still some plugins that directly use code for parameter verification, instead of using JSONSchema verification. Here is an example: https://github.com/apache/apisix/blob/master/apisix/plugins/jwt-auth.lua#L109-L124 ## Issues with the current solution 1. Not clear enough, many people may not know that there are special codes for parameter verification besides JSONSchema verification, and subsequent maintenance is also troublesome. 2. In the Dashboard, both the FE and `Manager API` need to synchronize these code changes, which becomes very cumbersome, and it is likely to cause problems due to missing or untimely synchronization. ## Suggested changes 1. All parameter verification should be verified with JSONSchema as much as possible, except for those that JSONSchema cannot achieve 2. Newly added plug-ins in the future should also follow this specification. ## Related plugins - [ ] jwt-auth - [ ] ip-restriction - [ ] openid-connect - [ ] redirect - [ ] response-rewrite - [ ] request-validation - [ ] cors - [ ] proxy-rewrite - [ ] proxy-cache (need to read `conf/config.yaml` in APISIX to check cache zone ) - [ ] uri-blocker (regular expression in Lua and `ngx.re`) ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
