Skip to content

fix: friendly viewer shell for non-UUID docIds (integrator deep links)#105

Open
seonghobae wants to merge 2 commits into
mainfrom
fix/viewer-invalid-docid-shell
Open

fix: friendly viewer shell for non-UUID docIds (integrator deep links)#105
seonghobae wants to merge 2 commits into
mainfrom
fix/viewer-invalid-docid-shell

Conversation

@seonghobae

Copy link
Copy Markdown
Collaborator

Why

The contextual-orchestrator admin console now deep-links /viewer/{docId} (its Integrations → Document Viewer card, contextual-orchestrator#41). The route's UUID regex constraint meant any mistyped/non-UUID id fell through to a raw framework 404 — an unfriendly dead end for integrators.

What

  • Single /viewer/{docId} route (the multi-mapping approach caused WebFlux mapping conflicts — kept it simple): UUID.fromString validates. Valid ids: identical 200 LOADING shell as before. Invalid ids: same shell, 404 + initial-state NOT_FOUND, where the existing viewer.js isUuidLike guard already renders "The provided docId is invalid."
  • escapeHtmlAttribute on the echoed docId — the new echo path would otherwise be an XSS vector ("><script>…); test asserts the payload never appears raw.

Tests

ViewerUiControllerTest +3: non-UUID friendly shell (404, meta present), HTML-escape, UUID still 200. Full mvn verify green locally (Java 21 target).

🤖 Generated with Claude Code

GET /viewer/{docId} previously matched only 36-char UUID-shaped path
segments, so integrator deep links with a mistyped or non-UUID id (for
example the contextual-orchestrator admin console's Document Viewer card
linking /viewer/{docId}) landed on a raw framework 404 instead of the
viewer shell.

- Single /viewer/{docId} route; UUID.fromString is the validator. Valid
  ids keep the exact same 200 LOADING shell; invalid ids now get the same
  shell with 404 + initial-state NOT_FOUND, where the existing viewer.js
  isUuidLike guard shows "The provided docId is invalid."
- docId is HTML-attribute-escaped before being echoed into the shell meta
  (escapeHtmlAttribute), closing an XSS hole the new echo path would have
  opened.

Tests: ViewerUiControllerTest gains non-UUID friendly-shell, HTML-escape
(script payload must not appear raw), and UUID-still-200 cases. Full
mvn verify green.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_019puhETTpuvAJZxviGBCBmH
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01RjGVapDZ3k7V7zKYk16P4C
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant