[MWPW-197392] fix: encode non-ASCII alt text header and handle empty image upload responses#180
[MWPW-197392] fix: encode non-ASCII alt text header and handle empty image upload responses#180sharmeebuilds wants to merge 7 commits into
Conversation
…esponses - encodeURIComponent on x-image-alt-text header so non-ASCII characters (e.g. Japanese) are not silently dropped by the browser - Parse response body safely in safeFetch to avoid JSON.parse errors on empty 204-style responses; guard getConfig against non-object results Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
sharmeebuilds
changed the title
qiyundai
left a comment
qiyundai
left a comment
There was a problem hiding this comment.
LGTM. One soft flag before this ships: make sure the server decodes the encodeURIComponent-encoded value in the x-image-alt-text header before storing or displaying it — otherwise non-ASCII alt text will surface as percent-encoded strings (e.g. %E6%97%A5%E6%9C%AC%E8%AA%9E) on the display side. Encoding is the right transport fix; just confirming the backend is decoding on receipt.
Thanks for flagging, this is already in discussion with BE team. Also, |
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
Merge after BE uses decodeURI... @gbajaj91 |
Prefix the percent-encoded alt text with UTF-8'' so the charset is explicitly declared per RFC 5987, making it safe for non-ASCII values like Japanese across any compliant HTTP receiver. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Replaces the UTF-8'' prefixed encodeURIComponent approach with the rfc5987-value-chars package, which correctly encodes chars forbidden by RFC 5987 value-chars (apostrophes, parens, *) without adding a charset prefix — keeping the wire format compatible with the existing server-side decodeURIComponent decode. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Removes rfc5987-value-chars dependency. Plain encodeURIComponent is sufficient for this internal API to safely encode non-ASCII characters like Japanese in XHR headers. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
3 participants
Summary
x-image-alt-textheader before sending to the API to prevent malformed request headersWhy encoding is required
XHR's `setRequestHeader` only accepts Latin-1 (ISO-8859-1) characters. Passing raw non-ASCII text (e.g. Japanese) throws a `TypeError` at the browser level. Any encoding chosen must produce ASCII-safe output.
RFC / encoding options considered
Approach comparison
RFC 5987 — why it was considered and rejected
RFC 5987 is the formal HTTP standard for encoding non-ASCII header values. It prefixes the percent-encoded value with `UTF-8''` so the receiver knows the charset explicitly.
Why rejected: ESP's `ImageService.getImageHeaders()` reads the header raw with no decoding — the server would store the literal string `UTF-8''%E3%81%82...` in DynamoDB. Using RFC 5987 would require a server-side change to strip the prefix before decoding. For an internal API, that complexity is unnecessary.
RFC 2047 — already used internally by ESP
ESP uses the `rfc2047` package in `ImageService` to encode alt text when writing to S3 metadata:
This is an email/MIME encoding standard (not HTTP) applied after ESP receives and decodes the header value. It's unrelated to how the header travels from EMC to ESP.
npm packages evaluated
No well-maintained npm package exists for HTTP header percent-encoding because `encodeURIComponent` is a built-in that already handles it correctly.
Decision
Use plain `encodeURIComponent` on the client. It is:
Test plan
🤖 Generated with Claude Code