search

sendbird / chat-ai-widget

Build AI Chatbot in minutes with Sendbird Chatbot Widget.
https://sendbird.github.io/chat-ai-widget/
MIT License
28 stars 17 forks source link

URL crashes the AI Chatbot and the whole page #314

Closed mobiware closed 3 months ago

mobiware commented 3 months ago

Since we've upgraded to version 1.7.3 of the SDK, we're running into an issue that we didn't experience with version 1.6.1

We have a function call that returns a URL, and this URL is included by the chatbot into its response to the user as follows (this is only an excerpt from the full message showing the Markdown-formatted URL)

Your renewal lease has been fully executed. You can find a copy of the renewal lease [here](https://res.cloudinary.com/darwin-homes/image/authenticated/v1/sandbox/Ewmtbp/7781%20Kbujv%20Il/0021-55-88/xlsbsxx-eqpcuwu.pdf?__cld_token__=exp=1721913788~hmac=2620cdef709694691711b33a68f7cf41465d12f8343c54f58a09167f479ea2e1).

As soon as the chatbot displays this part of the message, it crashes and the whole page with it (whole page gets blank).

The exception that can be seen in the console is:

Uncaught (in promise) URIError: URI malformed
    at decodeURIComponent (<anonymous>)
    at D0 (chunk-EPLYPIMA.js?v=63f1ceef:27766:11)
    at replacer (chunk-EPLYPIMA.js?v=63f1ceef:28817:538)
    at chunk-EPLYPIMA.js?v=63f1ceef:28806:59
    at Array.forEach (<anonymous>)
    at chunk-EPLYPIMA.js?v=63f1ceef:28805:20
    at chunk-EPLYPIMA.js?v=63f1ceef:28809:11
    at Array.forEach (<anonymous>)
    at chunk-EPLYPIMA.js?v=63f1ceef:28797:7
    at Array.forEach (<anonymous>)
mobiware commented 3 months ago

So we've debugged a little bit and we found out that the URL that gets passed to decodeURIComponent is: https://res.cloudinary.com/darwin-homes/image/authenticated/v1/sandbox/Ewmtbp/7781%

which is not the original URL (it's truncated). The fact that the URL is ending with % is what makes it malformed.

Looking at the D0 function that calls decodeURIComponent, it looks like it corresponds to the new asSafeURL function

Capture d’écran 2024-07-25 à 14 55 30

It also seems like this function is being called as part of some Regexp manipulation of the URL, so perhaps there's a bug in the Regexp ?

Capture d’écran 2024-07-25 à 14 51 14
bang9 commented 3 months ago

Thanks for letting me know. I'll fix this.

mobiware commented 3 months ago

@bang9 any ETA for a new version of the SDK including this fix ?

bang9 commented 3 months ago

Hello @mobiware It has been released in v1.7.4 now!

mobiware commented 3 months ago

@bang9 awesome, thanks!