fix(utils): return 400 instead of 500 for invalid sort order query params#25751
Open
singhlovepreet9 wants to merge 1 commit intostrapi:developfrom
Open
fix(utils): return 400 instead of 500 for invalid sort order query params#25751singhlovepreet9 wants to merge 1 commit intostrapi:developfrom
singhlovepreet9 wants to merge 1 commit intostrapi:developfrom
Conversation
Contributor
Claude Code ReviewThis repository is configured for manual code reviews. Comment |
|
@singhlovepreet9 is attempting to deploy a commit to the Strapi Team on Vercel. A member of the Team first needs to authorize it. |
…rams Invalid sort order suffixes (e.g., `sort=field:asc$`) threw a plain Error resulting in a 500 response. Changed InvalidOrderError and InvalidSortError to extend ValidationError so Strapi's error handler returns a proper 400. Added tests for convertSortQueryParams covering valid orders, defaults, multiple fields, and invalid order suffixes. Fixes strapi#25560
df9361c to
31bb93a
Compare
guoyangzhen
added a commit
to guoyangzhen/strapi
that referenced
this pull request
Apr 1, 2026
…ust sort) Several query parameter validators threw generic Error instead of ValidationError, causing 500 instead of 400 responses. Fixed: - convertStartQueryParams: invalid start value - convertLimitQueryParams: invalid limit value - convertPopulateObject: invalid nested populate - Invalid nested population query (polymorphic) - Using fragments on non-morph attributes - Invalid nested populate format - Invalid fields parameter - Invalid filters parameter Complements strapi#25561 and strapi#25751 which fix sort-related errors.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What does it do?
Changes
InvalidOrderErrorandInvalidSortErrorinconvert-query-params.tsto extendValidationError(from@strapi/utils/errors) instead of the plainErrorclass.This ensures Strapi's error middleware recognizes these as
ApplicationErrorsubclasses and returns a 400 status code with a descriptive error message, instead of a generic 500 internal server error.Why is it needed?
When an invalid sort order suffix is provided in a query parameter (e.g.,
?sort=field:asc$), Strapi throws anInvalidOrderErrorwhich extends plainError. The error middleware only mapsApplicationErrorsubclasses to 400-level responses — plainErrorinstances fall through to a 500 response.This is inconsistent with how other invalid query parameters are handled (e.g., invalid pagination params already use
PaginationErrorwhich extendsApplicationErrorand correctly returns 400).How to test it?
GET /api/tests?sort=title:asc→ works correctlyGET /api/tests?sort=title:asc$"Invalid order. order can only be one of asc|desc|ASC|DESC"Related issue(s)/PR(s)
Fix #25560