Special characters in search terms lead to SAM API errors

GSA / 889-tool

Web service for determining 889 compliance of vendors

1 stars 0 forks source link

Special characters in search terms lead to SAM API errors #20

Open mark-meyer opened 1 year ago

mark-meyer commented 1 year ago

Search terms like ++test or test ++ (with the space without the space there is no error) or UEI: apple produce a 400 error in the SAM api with a messages:

{
    "timestamp": "2023-04-24 15:13:30.733",
    "message": "Error In Creating Data",
    "detail": "Invalid input value",
    "errorCode": "PRM",
    "transaction_id": "7b03c47a-f276-4f8c-828c-b2e48bcdea3a"
}

We should investigate the requirements from SAM and either remove the offending characters from the query or provide the user with better feedback.

rebekahperillo commented 7 months ago

From an email from Mark on 12/12/23.

"If you go to the 889 tool and put in the search box: "test ++" (without the quotes) or "uei: apple" you will get an error. This error is coming from the SAM.gov api — it seems to choke on this certain input with non-alphanumeric characters. I think this is a rare enough user input that we did not prioritize this. And I am not 100% sure what the correct response is for a user — I don't know what they are hoping for with that input, but we saw it a couple times in the logs."

JennaySDavis commented 1 week ago

The following non-alphanumeric characters when entered result in the following error: Error: Sorry, we weren't able to connect to SAM.gov. Please, try again later. Characters resulting in this error:

&
--
- (plus sign)
[ ]
{ }
!
^
( )
=
~
,