15 changes: 8 additions & 7 deletions backend/src/main/resources/templates/overview4.html
Expand Up @@ -182,14 +182,15 @@ <h5 th:text="${action.usageString}">Usage text</h5>

</script>
<script th:if="${searchSettings != null && not searchSettings.fuzzy}" th:inline="javascript">
function normalSearch(data, searchTerm) {
let result = false;
const fields = /*[[${searchSettings.rows}]]*/ [];
for (let field in fields) {
result = result || (data[fields[field]] && data[fields[field]].toLowerCase().includes(searchTerm.toLowerCase()));
}
return result;
function normalSearch(data, searchTerm) {
let result = false;
const fields = /*[[${searchSettings.rows}]]*/ [];
for (let field in fields) {
const value = String(data[fields[field]]);
result = result || (value && value.toLowerCase().includes(searchTerm.toLowerCase()));
}
return result;
}
Comment on lines +185 to +193

⚠️ Potential issue | 🟡 Minor

Edge case: null/undefined field values become matchable strings.

`String(null)` and `String(undefined)` produce the literal strings "null" / "undefined", which are truthy and will pass the `value && ...` guard. As a result, a user searching for the substring `null` or `undefined` will match rows where the corresponding field is actually missing. The pre-existing `value &&` short-circuit is now effectively dead code, since `String(...)` always returns a non-empty string for these cases.

Consider normalizing nullish values to an empty string instead:

♻️ Proposed refinement
 function normalSearch(data, searchTerm) {
     let result = false;
     const fields = /*[[${searchSettings.rows}]]*/ [];
     for (let field in fields) {
-        const value = String(data[fields[field]]);
-        result = result || (value && value.toLowerCase().includes(searchTerm.toLowerCase()));
+        const raw = data[fields[field]];
+        const value = raw == null ? "" : String(raw);
+        result = result || (value !== "" && value.toLowerCase().includes(searchTerm.toLowerCase()));
     }
     return result;
 }
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
function normalSearch(data, searchTerm) {
let result = false;
const fields = /*[[${searchSettings.rows}]]*/ [];
for (let field in fields) {
const value = String(data[fields[field]]);
result = result || (value && value.toLowerCase().includes(searchTerm.toLowerCase()));
}
return result;
}
function normalSearch(data, searchTerm) {
let result = false;
const fields = /*[[${searchSettings.rows}]]*/ [];
for (let field in fields) {
const raw = data[fields[field]];
const value = raw == null ? "" : String(raw);
result = result || (value !== "" && value.toLowerCase().includes(searchTerm.toLowerCase()));
}
return result;
}
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@backend/src/main/resources/templates/overview4.html` around lines 185 - 193,
In normalSearch, converting field values with String(data[fields[field]]) turns
null/undefined into "null"/"undefined" which bypasses the value guard; update
the implementation to treat nullish values as empty strings before doing the
contains check (e.g., read the raw value from data using data[fields[field]] and
normalize null/undefined to '' before converting/casing and comparing with
searchTerm) so that missing fields don't match searches for "null"/"undefined";
adjust references in the function (normalSearch, fields, data[fields[field]],
searchTerm) accordingly.


document.getElementById("table-search-input").addEventListener("input", function(e) {
const searchTerm = e.target.value;
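Review bot: The added `const value = String(data[fields[field]]);` coerces every type, so the `value &&` guard on the following line no longer filters out missing fields, and a plain object in a configured row would be searched as its default string form ("[object Object]"). Check `raw == null` before coercing, and decide explicitly whether non-primitive values should be searchable at all. Separately, `for (let field in fields)` walks the array with for...in, keeps iterating after a match, and lowercases `searchTerm` again for every field it checks; lowercasing the term once before the loop and using `fields.some(...)` would stop at the first hit.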