fix: friendly viewer shell for non-UUID docIds (integrator deep links)#105
Open
seonghobae wants to merge 2 commits into
Open
fix: friendly viewer shell for non-UUID docIds (integrator deep links)#105seonghobae wants to merge 2 commits into
seonghobae wants to merge 2 commits into
Conversation
GET /viewer/{docId} previously matched only 36-char UUID-shaped path
segments, so integrator deep links with a mistyped or non-UUID id (for
example the contextual-orchestrator admin console's Document Viewer card
linking /viewer/{docId}) landed on a raw framework 404 instead of the
viewer shell.
- Single /viewer/{docId} route; UUID.fromString is the validator. Valid
ids keep the exact same 200 LOADING shell; invalid ids now get the same
shell with 404 + initial-state NOT_FOUND, where the existing viewer.js
isUuidLike guard shows "The provided docId is invalid."
- docId is HTML-attribute-escaped before being echoed into the shell meta
(escapeHtmlAttribute), closing an XSS hole the new echo path would have
opened.
Tests: ViewerUiControllerTest gains non-UUID friendly-shell, HTML-escape
(script payload must not appear raw), and UUID-still-200 cases. Full
mvn verify green.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_019puhETTpuvAJZxviGBCBmH
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01RjGVapDZ3k7V7zKYk16P4C
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Why
The contextual-orchestrator admin console now deep-links
/viewer/{docId}(its Integrations → Document Viewer card, contextual-orchestrator#41). The route's UUID regex constraint meant any mistyped/non-UUID id fell through to a raw framework 404 — an unfriendly dead end for integrators.What
/viewer/{docId}route (the multi-mapping approach caused WebFlux mapping conflicts — kept it simple):UUID.fromStringvalidates. Valid ids: identical 200LOADINGshell as before. Invalid ids: same shell, 404 +initial-state NOT_FOUND, where the existingviewer.jsisUuidLikeguard already renders "The provided docId is invalid."escapeHtmlAttributeon the echoed docId — the new echo path would otherwise be an XSS vector ("><script>…); test asserts the payload never appears raw.Tests
ViewerUiControllerTest+3: non-UUID friendly shell (404, meta present), HTML-escape, UUID still 200. Fullmvn verifygreen locally (Java 21 target).🤖 Generated with Claude Code