Insufficient validation and cleaning of objects in arrays and of null values

I stumbled across this because of the recent AutoForm bug where null entries are left in arrays:

Test case:

var arraySchema = new SimpleSchema({
    names: { type: [String] },
    testField: { type: String, optional: true }
});
var validObject = { names: ["String"] };
var validEmptyObject = { names: [] };
var invalidObject = { names: [{hello:"world"}] };
var certainlyInvalidObject = { zebra:"striped" };
var evilObject = { names: [null] };
var cleanMe = { names: [], testField: null };
var validationContext = arraySchema.newContext();
console.log("validObject valid?", validationContext.validate(validObject));
console.log("validEmptyObject valid?", validationContext.validate(validEmptyObject));
console.log("invalidObject valid?", validationContext.validate(invalidObject));
console.log("certainlyInvalidObject valid?", validationContext.validate(certainlyInvalidObject));
console.log("evilObject valid?", validationContext.validate(evilObject));
console.log("cleanMe valid?", validationContext.validate(cleanMe));
arraySchema.clean(validObject);
arraySchema.clean(validEmptyObject);
arraySchema.clean(invalidObject);
arraySchema.clean(certainlyInvalidObject);
arraySchema.clean(evilObject);
arraySchema.clean(cleanMe);
console.log("validObject:", JSON.stringify(validObject));
console.log("validEmptyObject:", JSON.stringify(validEmptyObject));
console.log("invalidObject:", JSON.stringify(invalidObject));
console.log("certainlyInvalidObject:", JSON.stringify(certainlyInvalidObject));
console.log("evilObject:", JSON.stringify(evilObject));
console.log("cleanMe:", JSON.stringify(cleanMe));

Expected output:

validObject valid? true
validEmptyObject valid? true
invalidObject valid? false
evilObject valid? false
cleanMe valid? false
validObject: {"names":["String"]}
validEmptyObject: {"names":[]}
invalidObject: {"names":[]}
certainlyInvalidObject: {}
evilObject: {"names":[]}
cleanMe: {"names":[]}

Actual output:

validObject valid? true                 | OK
validEmptyObject valid? true            | OK
invalidObject valid? false              | OK
certainlyInvalidObject valid? false     | OK
evilObject valid? true                  | error
cleanMe valid? true                     | error
validObject: {"names":["String"]}       | OK
validEmptyObject: {"names":[]}          | OK
invalidObject: {"names":[{}]}           | error
certainlyInvalidObject: {}              | OK
evilObject: {"names":[null]}            | error
cleanMe: {"names":[],"testField":null}  | error

Issue Analytics

  • State: closed
  • Created 8 years ago
  • Comments: 8

Top GitHub Comments

1 reaction
aldeed commented, Mar 26, 2015

Let’s take these one by one:

  1. evilObject should not be valid. I agree. Maybe bug.
  2. cleanMe should not be valid. I disagree. testField is optional and there is no minimum number of array items required.
  3. invalidObject should be [] instead of [{}] after cleaning. Maybe.
  4. null should be removed from evilObject array. I’m not really sure whether there might be valid use cases for having null array items, and since you can’t set an array item schema as optional, there’s really no way to know whether cleaning should remove them or not. Maybe it could be a new option on the clean function (leaveNullsInArrays: true).
  5. testField: null should not be in cleanMe after cleaning it. I agree, but this seems like a pretty basic cleaning which I thought we had tests for, so I’m surprised it was not cleaned.

I can add tests for any of these that don’t already have them, and then fix as appropriate.
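
The strict validation and cleaning behaviour debated in this thread, as an added example that is not part of the original issue and is not SimpleSchema code: a stand-alone JavaScript sketch for the test case's shape. `SHAPE`, `validateStrict` and `cleanStrict` are hypothetical names, the `leaveNullsInArrays` option follows the suggestion in the comment above, and rejecting `null` before cleaning is an assumed policy.

```javascript
// Stand-alone sketch, not SimpleSchema code; every name here is hypothetical.
const SHAPE = {
  names: { type: "string", array: true, optional: false },
  testField: { type: "string", array: false, optional: true },
};
const own = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);
// Policy assumed here: null is never a valid value or array item before cleaning.
function validateStrict(doc) {
  const errors = [];
  for (const key of Object.keys(doc)) {
    if (!own(SHAPE, key)) errors.push(`${key}: key not allowed`);
  }
  for (const [key, rule] of Object.entries(SHAPE)) {
    if (!own(doc, key) || doc[key] === undefined) {
      if (!rule.optional) errors.push(`${key}: required`);
      continue;
    }
    const value = doc[key];
    if (!rule.array) {
      if (typeof value !== rule.type) errors.push(`${key}: expected ${rule.type}`);
    } else if (!Array.isArray(value)) {
      errors.push(`${key}: expected array`);
    } else {
      value.forEach((item, i) => {
        // typeof null === "object", so null items fail this check too.
        if (typeof item !== rule.type) errors.push(`${key}.${i}: expected ${rule.type}`);
      });
    }
  }
  return errors;
}

// Returns a cleaned copy: unknown keys and null values dropped, bad array items filtered.
function cleanStrict(doc, { leaveNullsInArrays = false } = {}) {
  const out = {};
  for (const [key, rule] of Object.entries(SHAPE)) {
    if (!own(doc, key) || doc[key] === null || doc[key] === undefined) continue;
    const value = doc[key];
    out[key] = rule.array && Array.isArray(value)
      ? value.filter((item) => typeof item === rule.type || (leaveNullsInArrays && item === null))
      : value;
  }
  return out;
}

// Constructed inputs taken from the issue's test case.
for (const doc of [{ names: [null] }, { names: [{ hello: "world" }] }, { names: [], testField: null }]) {
  console.log(JSON.stringify(doc), validateStrict(doc), JSON.stringify(cleanStrict(doc)));
}
```
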

0 reactions
aldeed commented, Aug 24, 2016

Thanks for your patience. SimpleSchema 2.0.0-rc.1 is now released and should fix this bug.

There are a number of breaking changes when updating to 2.0, so be sure to check out the change log. If you use aldeed:collection2, you will need to use 2.10.0 or higher of that package in order to use SimpleSchema 2.0. If you use autoform, it is not yet updated to work with SimpleSchema 2.0, but hopefully soon.

SimpleSchema is now an isomorphic NPM package, so you can check out the updated readme and file issues over at the other repo. The Meteor wrapper package will exist for now but eventually I will probably deprecate support for it.

This is still a beta/RC and I do expect people will find issues, so use with caution. Production use is not yet recommended. That said, there are more and better unit tests than ever before, and the codebase should be much easier for others to read through and debug quickly.
