RI-7973 Fix JSON error with keys containing constructor or __proto__#5622
Open
RI-7973 Fix JSON error with keys containing constructor or __proto__#5622
Conversation
…ll parsers References: #RI-7973 Made-with: Cursor
pd-redis
requested review from
ArtemHoruzhenko,
DimoHG,
dantovska,
pawelangelow and
valkirilov
as code owners
🛡️ Jit Security Scan Results
✅ No security findings were detected in this PR
Security scan by Jit
|
…on-rl service and tests - Adjusted formatting in rejson-rl.service.ts and rejson-rl.service.spec.ts for consistency. - Ensured proper semicolon usage and indentation for better code clarity. - No functional changes were made; focus was on code style improvements.
- Reformatted the JSON string in the test case to enhance clarity and maintain consistency with coding standards. - No functional changes were made; focus was on code style improvements.
Contributor
Code Coverage - Backend unit tests
Test suite run success3288 tests passing in 303 suites. Report generated by 🧪jest coverage report action from c23b6f5 |
Contributor
Code Coverage - Integration Tests
|
Contributor
Code Coverage - Frontend unit tests
Test suite run success6530 tests passing in 792 suites. Report generated by 🧪jest coverage report action from c23b6f5 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What
Configure all
json-bigintparsers withconstructorAction: 'preserve'andprotoAction: 'preserve'so that JSON keys namedconstructoror__proto__are handled correctly instead of throwing.The rejson details utils on the frontend already used this pattern — this change applies it consistently to the remaining 4 parsers (1 backend, 3 frontend).
Supersedes closed PR #5413 which only fixed the backend. This PR extends the fix to all frontend parsers as well.
Testing
JSON.SET mykey $ '{"constructor":"example value"}'JSON.GET mykey $in Workbench — output should render correctlyCloses #5412
References: #RI-7973
Made with Cursor
Note
Medium Risk
Touches JSON parsing/serialization in both API and UI; while the change is small, it affects handling of special keys like
__proto__, so regressions or unexpected object-shape interactions are possible.Overview
Fixes JSON rendering/download failures when payloads contain object keys named
constructoror__proto__by configuring all remainingjson-bigintparsers withprotoAction: 'preserve'andconstructorAction: 'preserve'(backendRejsonRlServiceand multiple UI JSON viewers/formatters).Adds regression tests in the API
rejson-rlservice and UIJSONViewerto ensure these payloads parse and round-trip without throwing, and centralizes UI re-serialization to reuse a consistently configured parser.Written by Cursor Bugbot for commit c23b6f5. This will update automatically on new commits. Configure here.