Skip to content

fix(feed): clamp invalid lounge feed page values before Supabase range queries#375

Open
Nexu0ps wants to merge 1 commit into
profullstack:masterfrom
Nexu0ps:fix/lounge-feed-page-clamping
Open

fix(feed): clamp invalid lounge feed page values before Supabase range queries#375
Nexu0ps wants to merge 1 commit into
profullstack:masterfrom
Nexu0ps:fix/lounge-feed-page-clamping

Conversation

@Nexu0ps
Copy link
Copy Markdown

@Nexu0ps Nexu0ps commented Jun 2, 2026

Fixes #358

Replaces Number(resolvedParams.page) || 1 with the shared parsePageParam helper already used by /affiliates, /directory, /for-hire, and /gigs.

This ensures negative, non-finite (Infinity/-Infinity), and excessively large page values are normalized before the Supabase .range() offset is calculated, matching the pagination-hardening pattern applied across the codebase.

Tested: pattern matches existing usage on affiliated listing pages.

@Nexu0ps
fix(feed): use parsePageParam to clamp invalid lounge page values
027139f 
Replaces raw `Number(resolvedParams.page) || 1` with the shared
parsePageParam helper so negative, non-finite, and huge page values
normalize correctly before the Supabase .range() offset is built.
Matches the pagination-hardening pattern used on other listing pages.

Fixes profullstack#358
@greptile-apps
Copy link
Copy Markdown

greptile-apps Bot commented Jun 2, 2026

Greptile Summary

This PR fixes invalid page-parameter handling in the lounge feed by replacing the inline Number(resolvedParams.page) || 1 expression with the shared parsePageParam helper already used by the affiliates, directory, for-hire, and gigs routes.

  • parsePageParam uses parseInt and clamps the result to [1, 1_000], preventing negative offsets and runaway upper bounds from reaching the Supabase .range() call.
  • The change is a one-line swap plus the corresponding import; no logic elsewhere in the file is touched.

Confidence Score: 5/5

Safe to merge — a one-line substitution that tightens input validation with no functional regressions on valid inputs.

The swap is mechanical: both the old and new code produce 1 for missing/invalid page values, and the new helper additionally rejects negative numbers and caps extremely large values that could push the Supabase range offset into meaningless territory. The helper is already in use on multiple other routes with identical logic, so its correctness is well-established.

No files require special attention.

Important Files Changed

Filename Overview
src/app/feed/page.tsx Swaps raw Number(resolvedParams.page)

Sequence Diagram

sequenceDiagram
    participant Browser
    participant FeedContent
    participant parsePageParam
    participant Supabase

    Browser->>FeedContent: "GET /feed?page=value"
    FeedContent->>parsePageParam: parsePageParam(resolvedParams.page)
    Note over parsePageParam: parseInt(value, 10), clamp to [1, 1000], fallback 1 if non-finite
    parsePageParam-->>FeedContent: safe page number
    FeedContent->>FeedContent: "offset = (page - 1) * limit"
    FeedContent->>Supabase: .range(offset, offset + limit - 1)
    Supabase-->>FeedContent: posts + count
    FeedContent-->>Browser: rendered feed page
Loading

Reviews (1): Last reviewed commit: "fix(feed): use parsePageParam to clamp i..." | Re-trigger Greptile

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Clamp invalid lounge feed page values before Supabase range queries

1 participant

@Nexu0ps