fix: catch array errors from API and display error message more detailed#789
fix: catch array errors from API and display error message more detailed#789
Conversation
Signed-off-by: Tomás Castillo <tcastilloboireau@gmail.com>
📝 WalkthroughWalkthroughTwo small edits: a syntactic change adding a semicolon to the end of Changes
Estimated code review effort🎯 1 (Trivial) | ⏱️ ~2 minutes Suggested reviewers
Poem
🚥 Pre-merge checks | ✅ 2 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (2 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing touches
🧪 Generate unit tests (beta)
No actionable comments were generated in the recent review. 🎉 Comment |
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Fix all issues with AI agents
In `@src/actions/base-actions.js`:
- Around line 52-56: The code is rendering API error strings into HTML unsafely;
update the call to setSnackbarMessage in the error path to avoid XSS by either
escaping/sanitizing the entries in the errors array before joining or by sending
them as plain text instead of HTML. Specifically, change the payload for
setSnackbarMessage (the call inside this function) to not use the html property
with errors.join("<br>") — either escape each item in errors then join and keep
a sanitizedHtml property, or replace html with a text/message property like
errors.join("\n") (and ensure consuming code uses text rendering), preserving
the type and code (err.status || 0) and keeping setSnackbarMessage(dispatch,
state) usage.
🧹 Nitpick comments (1)
src/actions/base-actions.js (1)
47-56: Handle non-string elements in the errors array.If the API returns error objects instead of strings (e.g.,
[{ message: "..." }]),errors.join("<br>")will produce"[object Object]<br>..."which is not user-friendly. Consider validating element types or extracting message properties.♻️ Proposed defensive handling
const errors = err.response?.body?.errors; - if (Array.isArray(errors) && errors.length > 0) { + if (Array.isArray(errors) && errors.length > 0) { + const errorMessages = errors.map((e) => + typeof e === "string" ? e : e?.message || JSON.stringify(e) + ); dispatch(stopLoading()); return setSnackbarMessage({ type: "warning", - html: errors.join("<br>"), + html: errorMessages.join("<br>"), code: err.status || 0 })(dispatch, state); }
Signed-off-by: Tomás Castillo <tcastilloboireau@gmail.com>
ref: https://app.clickup.com/t/86b8eh2xm
Signed-off-by: Tomás Castillo tcastilloboireau@gmail.com
Summary by CodeRabbit
Style
Chores
Other