search

academe / authorizenet-objects

Value objects for construction Authorize.Net messages
7 stars 6 forks source link

Support BOM removal #3

Open judgej opened 7 years ago

judgej commented 7 years ago

This is a bit messy. The JSON response from Authorize.Net includes a BOM sequence at the start. This is invisible to the human eye, but causes json_decode() to throw a wobbly. It simply cannot decode the JSON with the BOM.

This is suggested in many places to remove the BOM:

preg_replace('/[\x00-\x1F\x80-\xFF]/', '', $json_string);

I would probably be a little more specific by looking at only the first (up to) three characters:

preg_replace('/^[\x00-\x1F\x80-\xFF]{1,3}/', '', $json_string);

There is also a plugin for Guzzle that removes the BOM, but that appears to be for older Guzzle versions. Not sure about the latest.

Anyway, it has not really got anything to do with these messages, because it's not a part of the data, but if we are not aware of it, it will certainly come to bite us when not dealt with at the transport level.

judgej commented 7 years ago

Authorize.Net did inform many customers that the BOM would be removed from JSON responses in August 2016, to comply with RFC-7159. That obviously hasn't happened, at least not on the sandbox account.

Implementations MUST NOT add a byte order mark to the beginning of a JSON text. In the interests of interoperability, implementations that parse JSON texts MAY ignore the presence of a byte order mark rather than treating it as an error.

judgej commented 7 years ago

Sample code showing this:

// $create_transaction_request is an authorise transaction, for example.
// $client is a Guzzle client and $endpoint is the sandbox.

$response = $client->request('POST', $endpoint, [
    'json' => $create_transaction_request, // Guzzle will convert this to JSON.
]);

$result = (string)$response->getBody();
echo "<p>Length with BOM: " . strlen($result) . "</p>";
// With BOM: 540
var_dump(json_decode($result)); // NULL :-(

// Remove the BOM
$result = preg_replace('/^[\x00-\x1F\x80-\xFF]{1,3}/', '', $result);

echo "<p>Length without BOM: " . strlen($result) . "</p>";
// Without BOM: 537
var_dump(json_decode($result)); // ...the full response :-)

Just using trim() does not fix it, so it's not trailing or preceding white space that is the issue.