Remove CUCUMBER_PUBLISH_TOKEN validation
#2122
Labels
🐛 bug
Defect / Bug
Comments
|
Garbage in protection. Caching errors early is better in general. Rather then removing the validation you can expand the validation regex to include UUID like values too. |
|
We don't want to commit to any particular format for authentication tokens. We want to have the flexibility to change this on the server without needing to make a new release of Cucumber-JVM. The server needs to validate the token anyway, so the only benefit of client validation is early errors for users. The price of that benefit is too high: Not being able to change the token validation on the server without also having to make a new release of Cucumber-JVM. |
|
Fair enough. Removing it won't break anything. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The
PublishTokenParseronly allows tokens that look like a base64-encoded string. Token validation should only be the server's responsibility. We don't actually want it to be a base64-encoded string, just a UUID.@mpkorstanje do you remember why we added this?
The text was updated successfully, but these errors were encountered: