Skip to content

Convert DecodingErrors thrown from request handling code to HTTP 400 … #161

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Nov 4, 2025
Merged

Convert DecodingErrors thrown from request handling code to HTTP 400 … #161

merged 5 commits into from
Nov 4, 2025

Conversation

@colindignazio
Copy link
Contributor

@colindignazio colindignazio commented Oct 27, 2025

Motivation

The library does not gracefully handle when clients send requests with malformed request bodies, parameters, etc. If a client sends a request that for example is missing a required field or has a field that cannot be converted to the correct type, the server should respond with a 400 indicating to the client that they have done something wrong. Instead, the library throws a DecodingError which propagates all the way up resulting in a 500 response which incorrectly tells the client that something went wrong on the server.

Modifications

  • Added a layer of handling to each call that is made to decode request objects which wraps DecodingErrors into RuntimeErrors.
  • Make ServerError conform to HTTPResponseConvertible
  • Modify ErrorHandlingMiddleware to first check if the underlying error conforms to HTTPResponseConvertible and if not use the values from ServerError. This allows the HTTPResponseConvertible values set in a RuntimeError to be honoured after the RuntimeError is transformed into a ServerError.

Result

Since RuntimeError conforms to HTTPResponseConvertible these errors will get converted to 400 responses by the ErrorHandlingMiddleware. This isn't a perfect solution because consumers of the library have to opt-in to the ErrorHandlingMiddleware to avoid returning 500.

Test Plan

  • Added unit tests for each modification.
  • Verified in my own service that with this change malformed requests get converted into 400 responses.

czechboy0
czechboy0 requested changes Oct 29, 2025
View reviewed changes
czechboy0
czechboy0 reviewed Oct 29, 2025
View reviewed changes
czechboy0
czechboy0 reviewed Oct 29, 2025
View reviewed changes
colindignazio
colindignazio commented Oct 29, 2025
View reviewed changes
czechboy0
czechboy0 approved these changes Nov 3, 2025
View reviewed changes
Copy link
Contributor

@czechboy0 czechboy0 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great, thank you - I'll let @simonjbeaumont give this one more skim as well before merging.

@czechboy0 czechboy0 added the 🆕 semver/minor Adds new public API. label Nov 4, 2025
@czechboy0 czechboy0 merged commit 7cdf333 into apple:main Nov 4, 2025
48 of 49 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@czechboy0 czechboy0 czechboy0 approved these changes

@simonjbeaumont simonjbeaumont simonjbeaumont approved these changes

Assignees

No one assigned

Labels

🆕 semver/minor Adds new public API.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@colindignazio @simonjbeaumont @czechboy0