Add safety around most calls to formParam and/or queryParam, as they can throw if the request isn't formatted as expected, in ways that we may not want it to.

2025-07-17 20:50:44 +00:00 · 2024-08-02 12:32:36 -05:00
parent 61ec57af02
commit 9baa7c32bf
4 changed files with 387 additions and 32 deletions
--- a/qqq-middleware-api/src/main/java/com/kingsrook/qqq/api/javalin/QJavalinApiHandler.java
+++ b/qqq-middleware-api/src/main/java/com/kingsrook/qqq/api/javalin/QJavalinApiHandler.java
@ -458,11 +458,18 @@ public class QJavalinApiHandler
         ObjectUtils.ifNotNull(fieldsContainer.getRecordIdsField(), fields::add);
         for(QFieldMetaData field : fields)
         {
-            String queryParamValue = paramAccessor.apply(context, field.getName());
-            if(queryParamValue != null)
+            try
            {
-               String backendName = ObjectUtils.requireConditionElse(field.getBackendName(), StringUtils::hasContent, field.getName());
-               parameters.put(backendName, queryParamValue);
+               String value = paramAccessor.apply(context, field.getName());
+               if(value != null)
+               {
+                  String backendName = ObjectUtils.requireConditionElse(field.getBackendName(), StringUtils::hasContent, field.getName());
+                  parameters.put(backendName, value);
+               }
+            }
+            catch(Exception e)
+            {
+               LOG.info("Exception trying to process process input field", e);
            }
         }
      }