Skip to content

fix: validate payload field types in /api/recommend to prevent 500 errors#434

Open
anshul23102 wants to merge 1 commit into
komalharshita:mainfrom
anshul23102:fix/recommend-api-type-validation
Open

fix: validate payload field types in /api/recommend to prevent 500 errors#434
anshul23102 wants to merge 1 commit into
komalharshita:mainfrom
anshul23102:fix/recommend-api-type-validation

Conversation

@anshul23102
Copy link
Copy Markdown
Contributor

@anshul23102 anshul23102 commented May 22, 2026

Summary [required]

The /api/recommend endpoint crashed with a 500 Internal Server Error whenever a JSON field was sent as null or a non-string type (e.g. a list or a number). The root cause was that payload.get("field", "") returns None when the key is explicitly present with a null value — the default only applies when the key is absent entirely. Calling .strip() on None raises an unhandled AttributeError.

This PR adds a type-check pass over the four expected string fields before any .strip() call. If any field is non-null but not a string, the endpoint returns a structured 400 Bad Request immediately. For fields that are null, the extraction switches from payload.get(field, "").strip() to (payload.get(field) or "").strip() so they produce an empty string and fall through to the existing empty-field validation in validate_recommendation_inputs.

Related Issue [required]

Closes #408

Type of Change [required]

  • Bug fix — resolves a broken behaviour
  • Test — adds or updates tests

What Was Changed [required]

File Change made
routes/main_routes.py Added type-check loop for string fields; changed extraction to (value or "").strip()
tests/test_basic.py Added test_recommend_api_null_field and test_recommend_api_non_string_field

How to Test This PR [required]

  1. Clone this branch: git checkout fix/recommend-api-type-validation
  2. Install dependencies: pip install -r requirements.txt
  3. Run the app: python app.py
  4. Send a request with a null field and confirm a 400 is returned instead of a 500: 
    curl -X POST http://127.0.0.1:5000/api/recommend \
  -H "Content-Type: application/json" \
  -d '{"skills": null, "level": "Beginner", "interest": "Web", "time": "Low"}'
    Expected response: {"error": "'skills' must be a string value."} with status 400
  5. Send a request with a list value and confirm the same: 
    curl -X POST http://127.0.0.1:5000/api/recommend \
  -H "Content-Type: application/json" \
  -d '{"skills": ["Python", "HTML"], "level": "Beginner", "interest": "Web", "time": "Low"}'
    Expected response: {"error": "'skills' must be a string value."} with status 400
  6. Run the tests: python tests/test_basic.py

Expected test output:

32 passed, 0 failed out of 32 tests

Test Results [required]

  PASS  test_projects_json_loads
  PASS  test_each_project_has_required_fields
  PASS  test_find_project_by_id_found
  PASS  test_find_project_by_id_missing
  PASS  test_parse_skills_basic
  PASS  test_parse_skills_empty_string
  PASS  test_parse_skills_single_entry
  PASS  test_score_single_project_full_match
  PASS  test_score_single_project_no_match
  PASS  test_get_recommendations_returns_results
  PASS  test_get_recommendations_max_three
  PASS  test_get_recommendations_no_match_returns_empty
  PASS  test_get_recommendations_result_format
  PASS  test_validate_all_valid
  PASS  test_validate_missing_skills
  PASS  test_validate_missing_level
  PASS  test_validate_missing_interest
  PASS  test_validate_missing_time
  PASS  test_validate_all_missing
  PASS  test_home_route
  PASS  test_recommend_api_valid
  PASS  test_recommend_api_missing_field
  PASS  test_recommend_api_null_field
  PASS  test_recommend_api_non_string_field
  PASS  test_recommend_api_empty_body
  PASS  test_project_detail_found
  PASS  test_project_detail_not_found
  PASS  test_internal_server_error_page
  PASS  test_view_code_found
  PASS  test_download_code_found
  PASS  test_health_check
  PASS  test_scoring_weights_has_all_keys

32 passed, 0 failed out of 32 tests

Self-Review Checklist [required]

  • I have read CONTRIBUTING.md and followed all guidelines
  • My branch name follows the convention: feat/, fix/, docs/, data/, style/, test/
  • I have run python tests/test_basic.py and all tests pass
  • I have not introduced any print() or console.log() debug statements
  • Every new function I wrote has a docstring
  • I have not modified files outside the scope of the linked issue

Notes for Reviewer

The existing validate_recommendation_inputs function already handles empty strings correctly. This fix sits one layer above it in the route handler: it catches type errors before they can crash .strip(), then lets the existing validation handle missing or blank values as before. No changes to the validation logic or the scoring engine were needed.

@anshul23102
fix: validate payload field types in /api/recommend to prevent 500 er…
85cdddb 
…rors (komalharshita#408)

Calling .strip() on null or non-string JSON values caused an unhandled
AttributeError. Added a type check loop that returns a 400 Bad Request
for any field that is not a string, and switched the extraction to use
(value or "").strip() so null values fall through to the existing empty
field validation. Two new tests cover null and list inputs.
@vercel
Copy link
Copy Markdown

vercel Bot commented May 22, 2026

@anshul23102 is attempting to deploy a commit to the komalsony234-1530's projects Team on Vercel.

A member of the Team first needs to authorize it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

gssoc-2026 type:bug Something isn't working type:testing

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[Bug]: Unhandled AttributeError in recommend API endpoint causes 500 Internal Server Error

1 participant

@anshul23102