There is a potential risk of NextResponse.json file compromising the integrity of JSON

Running nextjs 13.5.3 and implementing an API route handler under /app

This route handler mainly fetches data from a CMS and then returns the response. The IDs on the client side are hashed, so one of the functions is to unhash the IDs from a request and then hash them again in the response. Currently, for debugging purposes, I am manually changing the ID values from integers to strings, bypassing the hashing function.

Issue

Everything works fine when the response is not modified. However, if I change the ID value in the route handler (for hashing), the browser fails to parse the JSON response when using 

const data = await response.json();

Uncaught (in promise) SyntaxError: Expected ':' after property name in JSON at position 2269 (line 1 column 74)

Simplified Version of Route Handler

export async function POST(request, params) {

    const serviceRes = await fetch('https://someservice.com/api');

    ... check status of response is ok ...
    ... check if json is returned and if it is, parse it ...

    const serviceData = await serviceRes.json();

    // Modifying the ID value if it exists

    if (serviceData && serviceData.data && serviceData.data.id) {
        serviceData.data.id = 'test';
    }

    const res = NextResponse.json(serviceData, {
        status: serviceRes.status,
        headers: serviceRes.headers,
    });

    return res;

}

Updated serviceData sample after changing the ID

{
    "data": {
        "id": "asdasd", // originally an integer, like 4278
        "title": "Hello World",
        "content": "This is a test content",
        "tagging": []
    }
}

Further Testing

After modifying serviceData.data.id within the route handler, I added:

console.log("serviceData", serviceData);
console.log("stringified", JSON.stringify(serviceData));

No issues were seen with the object or JSON. They were validated successfully. Is there a problem with Nextresponse.json?

The error message indicates the issue occurs at the final key, tagging, where the colon appears. Despite appearing correctly in the console logs, the error suggests otherwise. Since tagging is not being altered, this is unexpected.

I attempted non-mutating versions using spread operators, but the same error persisted.

If no values in serviceData are modified, the browser can parse the JSON without any issues. This situation has me confused.

javascriptjsonnext.js

Answer №1

The issue arose from reusing the headers retrieved from serviceRes while making changes to the data. Specifically, the content-length header became inaccurate after the data was altered.

Identifying this problem proved to be challenging due to conflicting information regarding the need to recalculate content-length when sending new responses. Since I was using a copy of the original headers, the route handler did not generate a new content-length header.

// Create a duplicate set of headers from the initial response
let headers = new Headers(serviceRes.headers);
// Delete the Content-Length header to avoid inaccuracies caused by modifying the response body.
// Once removed, it will be recalculated by either the server or the browser.
headers.delete('Content-Length');

Similar questions

If you have not found the answer to your question or you are interested in this topic, then look at other similar questions below or use the search

Adding a combination of HTML and Javascript to an element can result in unexpected behavior

http://jsfiddle.net/PeKdr/ Encountering an issue when having a JavaScript variable that contains both HTML and JavaScript, resulting in unexpected behavior in the output window. Neither of the buttons - one triggering the function appendTheString() or the ...

javascriptjqueryhtmlappend

What steps can I take to pinpoint the exact error location when running assetic:dump in Symfony2?

This error message indicates an issue with assetic:dump in Symfony2. [Assetic\Exception\FilterException] ...

javascriptjquerysymfonyyuiassetic

Adding properties with strings as identifiers to classes in TypeScript: A step-by-step guide

I am working with a list of string values that represent the identifiers of fields I need to add to a class. For instance: Consider the following string array: let stringArr = ['player1score', 'player2score', 'player3score' ...

javascripttypescriptvue.js

AngularJS: Issue with ngChange not being triggered from directive

A Summary of the Issue at Hand I've created a directive that dynamically displays a list of checkboxes. The directive has a parameter named options, which should be an array structured like this in order for the checkboxes to display correctly: var ...

javascripthtmlangularjsangularjs-directivefrontend

The perplexing results received when using the npm outdated command

Could someone provide an explanation for the meaning behind this output? $ npm --version 3.10.8 $ npm -g outdated npm Package Current Wanted Latest Location npm 3.10.8 4.0.2 3.10.9 As stated in the documentation, the "Wanted" column should d ...

javascriptnode.jsnpmnpm-install

When using express, encountering a "Cannot GET / on page refresh" error

Currently working on a small MERN stack project. Managed to deploy it on Vercel successfully and the application runs as expected. Navigating to "/classes" and "/students" using the buttons in the browser works fine, however, upon reloading those pages I e ...

javascriptreactjsnode.jsexpressmern

Upon updating my application from Angular 14 to 16, I encountered an overwhelming number of errors within the npm packages I had incorporated

After upgrading my angular application from v14 to v16, I encountered numerous peer dependencies issues, which led me to use the --force flag for the upgrade process. However, upon compiling, I am now faced with a multitude of errors as depicted in the scr ...

javascriptangulartypescriptnpmangular-ivy

Transforming data from a JSON format into a JavaScript array

I'm trying to convert a JSON string into an array containing the values from the JSON. When I use json.stringify(jsonmybe) and alert it, I see [{"role":"noi_user"},{"role":"bert_user"}] (which is in JSON format). My goal is to extract `noi_user` and ` ...

javascriptarraysjson

In the desktop view, the onClick button requires two clicks to trigger the onClick function, while in the mobile view, it only takes one click as expected

Here are the topics I want to display as buttons: const paperTopics = [ "Teaching Aptitude", "Research Aptitude", "Comprehension", "Communication", "Mathematical Reasoning and Aptitude", ...

javascriptreactjstypescriptnext.jsonclick

Seeking guidance on how to retrieve an image from Firebase storage using NextJs. Any suggestions on how to tackle this issue

Here is the code snippet we are currently utilizing in Nextjs to facilitate image downloads: const handleDownload = async (fileUrl: string) => { try { const storageRef = ref(storage, fileUrl); const downloadURL = await getDownloadURL(storageRe ...

firebasenext.jsfirestorter

Store <td> in a variable

At the moment, I have a script that allows users to input an item name, along with its size, color, and other options. Each of these entries is saved as individual items with their custom specifications, such as a black t-shirt in large size. The script c ...

javascriptjqueryhtmlcssjquery-ui

I am interested in incorporating jQuery into my React development project

I'm trying to implement jQuery in React. I have an input field in my project that I am using to create a match event with 'this.state.value'. When the content of the input field matches, I want the borders to turn green and red if they do no ...

javascripthtmljquerycssreactjs

Why does the custom method only trigger once with the addEventListener?

I am attempting to connect the "oninput" event of an input range element to a custom method defined in a corresponding typescript file. Here is the HTML element: <input type="range" id='motivation-grade' value="3" min="1" max="5"> This i ...

javascriptangulartypescriptdom-eventsaddeventlistener

In the world of Knockout JS, forget about using e.stopPropagation() because it won't

In my table, I have two actions that can be performed: Click event on the row level and click while checking a checkbox inside that row. However, when the checkbox is checked, I do not want the click event on the row to be triggered. <tbody data-bin ...

javascriptjqueryknockout.js

Tips for preventing redundant function calls to a prop within a ReactJS component

I am currently facing an issue where I am repeatedly calling the same function within a component to retrieve a specific prop inside the render function. Is there a way to optimize this and avoid calling the function multiple times for each required prop ...

javascriptreactjsreact-component

Implementing Google Fonts into Next.js with the combination of Sass, CSS, and Semantic UI React

I have set up my next.config.js file with the following configuration: const withSass = require('@zeit/next-sass'); const withCss = require('@zeit/next-css'); module.exports = withSass(withCss({ webpack (config) { config.module. ...

cssreactjssassnext.js

When trying to run the code locally, JS and Bootstrap seem to have trouble functioning together, despite

Check out my codepen project here: https://codepen.io/ldrumsl/pen/ZxdZwa Below is the JavaScript code: $('#datetimepicker1').datetimepicker(); $('#datetimepicker2').datetimepicker(); Downloaded index.html file content: <!DOCTYPE ...

javascriptcssbootstrap-4codepen

Trying out asynchronous testing using Mocha and Sinonjs for the first time

In my current project, I am utilizing a custom micro framework developed by our team, where we make use of Mongoose. To handle the mongoose object, we have implemented a modelfactory that provides us with a corresponding model based on the mongoose name o ...

javascriptnode.jsunit-testingsinon

When sending multiple JSON objects in an HTTP POST request to an ASP.NET MVC controller action, they may not be properly bound

I am passing two JSON objects to an ASP.NET MVC controller action, but both parameters are showing as null. Can anyone identify the error, possibly related to incorrect naming? /* Source Unit */ var sourceParent = sourceNode.getParent(); var sourceUnitPa ...

javascriptjsonasp.net-mvc-4model-binding

Is there a built-in method in Next.js 13 to secure routes from unauthorized access?

In my project, I have the following pages: /about, /user, and /user/[id]. Unfortunately, I am unable to access req.page, which provides the slug (i.e. /user/[id]), making it difficult for me to implement logic to redirect requests from unauthenticated user ...

javascriptnext.jsroutes