Skip to content

Resolves issue #1877, validates cursor pagination limits as numeric request input.#1892

Merged
jdaigneau5 merged 2 commits into
devfrom
dr_1877
Jun 30, 2026
Merged

Resolves issue #1877, validates cursor pagination limits as numeric request input.#1892
jdaigneau5 merged 2 commits into
devfrom
dr_1877

Conversation

@david-rocca

Copy link
Copy Markdown
Collaborator

Closes Issue #1877

Summary

This MR fixes GET /api/cve_cursor limit validation so non-numeric and out-of-range values fail request validation before reaching pagination logic.

Important Changes

src/controller/cve.controller/index.js

  • Changed limit validation from string length checking to integer range validation.
  • Converts valid limit values to numbers with toInt().
  • Rejects repeated/array limit query params.

test/integration-tests/cve/cursorPaginationTest.js

  • Added validation coverage for non-numeric, below-minimum, and above-maximum limit values.

test/unit-tests/cve/cveGetAllTest.js

  • Added coverage confirming sanitized numeric limit reaches cursor pagination.

@jdaigneau5 jdaigneau5 linked an issue Jun 30, 2026 that may be closed by this pull request
4 tasks
@jdaigneau5 jdaigneau5 merged commit 41b8b2d into dev Jun 30, 2026
9 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Validate cursor pagination limit as an integer

2 participants