Skip to content

fix(FR-3058): send empty JSON body for non-GET requests with null body #7651

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
agatha197 wants to merge 1 commit into from
+11 −2
Closed

fix(FR-3058): send empty JSON body for non-GET requests with null body #7651

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 5 additions & 1 deletion packages/backend.ai-client/src/client.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -209,7 +209,7 @@
timeout: number = 0,
retry: number = 0,
opts: Record<string, unknown> = {},
): Promise<any> {

Check warning on line 212 in packages/backend.ai-client/src/client.ts

View workflow job for this annotation

GitHub Actions / Lint, typecheck, test, build 

Unexpected any. Specify a different type
// `errorType` starts out as one of the numeric `Client.ERR_*` sentinels and
// may later be re-assigned to a URI-shaped string (e.g.
// `https://api.backend.ai/probs/client-request-error`) before being
Expand All @@ -226,7 +226,7 @@
// otherwise. The callers downstream of this method also expect
// different shapes (most read JSON fields directly). Type as `any`
// here and document this in the type-mismatch follow-up file.
let body: any;

Check warning on line 229 in packages/backend.ai-client/src/client.ts

View workflow job for this annotation

GitHub Actions / Lint, typecheck, test, build 

Unexpected any. Specify a different type
let requestTimer: ReturnType<typeof setTimeout> | undefined;
let requestTimerForSoftTimeout: ReturnType<typeof setTimeout> | undefined;
let isSoftTimeoutTriggered = false;
Expand Down Expand Up @@ -485,7 +485,7 @@
}
try {
localStorage.setItem('backendaiwebui.logs', JSON.stringify(log_stack));
} catch (e) {

Check warning on line 488 in packages/backend.ai-client/src/client.ts

View workflow job for this annotation

GitHub Actions / Lint, typecheck, test, build 

'e' is defined but never used
// console.warn('Local storage is full. Clearing part of the logs.');
// localStorage is full, we will keep the recent 2/3 of the logs.
let webuiLogs = JSON.parse(
Expand Down Expand Up @@ -870,7 +870,7 @@
try {
await this._wrapWithPromise(rqst);
return Promise.resolve(true);
} catch (e) {

Check warning on line 873 in packages/backend.ai-client/src/client.ts

View workflow job for this annotation

GitHub Actions / Lint, typecheck, test, build 

'e' is defined but never used
return Promise.resolve(false);
}
}
Expand All @@ -891,7 +891,7 @@
} else {
//console.log("login failed");
}
} catch (err) {

Check warning on line 894 in packages/backend.ai-client/src/client.ts

View workflow job for this annotation

GitHub Actions / Lint, typecheck, test, build 

'err' is defined but never used
// console.log(err);
return Promise.resolve(false);
}
Expand Down Expand Up @@ -991,7 +991,7 @@
* Login into webserver with auth cookie token. This requires additional webserver package.
*
*/
async token_login(token: string, extraParams: object = {}): Promise<any> {

Check warning on line 994 in packages/backend.ai-client/src/client.ts

View workflow job for this annotation

GitHub Actions / Lint, typecheck, test, build 

Unexpected any. Specify a different type
const body = token ? { sToken: token } : {};
if (extraParams) {
Object.assign(body, extraParams);
Expand Down Expand Up @@ -1063,7 +1063,7 @@
* Leave from manager user. This requires additional webserver package.
*
*/
async signout(userid: string, password: string): Promise<any> {

Check warning on line 1066 in packages/backend.ai-client/src/client.ts

View workflow job for this annotation

GitHub Actions / Lint, typecheck, test, build 

Unexpected any. Specify a different type
let body = {
username: userid,
password: password,
Expand All @@ -1075,7 +1075,7 @@
/**
* Update user's full_name.
*/
async update_full_name(email: string, fullName: string): Promise<any> {

Check warning on line 1078 in packages/backend.ai-client/src/client.ts

View workflow job for this annotation

GitHub Actions / Lint, typecheck, test, build 

Unexpected any. Specify a different type
let body = {
email: email,
full_name: fullName,
Expand All @@ -1097,7 +1097,7 @@
oldPassword: string,
newPassword: string,
newPassword2: string,
): Promise<any> {

Check warning on line 1100 in packages/backend.ai-client/src/client.ts

View workflow job for this annotation

GitHub Actions / Lint, typecheck, test, build 

Unexpected any. Specify a different type
let body = {
old_password: oldPassword,
new_password: newPassword,
Expand All @@ -1113,7 +1113,7 @@
return this._wrapWithPromise(rqst);
}

async initialize_totp(): Promise<any> {

Check warning on line 1116 in packages/backend.ai-client/src/client.ts

View workflow job for this annotation

GitHub Actions / Lint, typecheck, test, build 

Unexpected any. Specify a different type
let rqst = this.newSignedRequest('POST', '/totp', {}, null);
return this._wrapWithPromise(rqst);
}
Expand Down Expand Up @@ -1680,7 +1680,11 @@
let authBody: string;
let d = new Date();
if (body === null || body === undefined) {
requestBody = '';
// Some backends require a valid JSON body even when empty.
// Send '{}' for methods that carry a body; keep '' for GET/HEAD.
// authBody mirrors requestBody so the v<4 signature (which hashes the
// body) matches what is actually sent; v4+ excludes the body anyway.
requestBody = method !== 'GET' && method !== 'HEAD' ? '{}' : '';

@yomybaby yomybaby Jun 8, 2026

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please check the backend changes related to this part again. The fact that {} must be sent unconditionally is strange.

authBody = requestBody;
} else if (
typeof (body as { getBoundary?: () => string }).getBoundary ===
Expand Down
7 changes: 6 additions & 1 deletion src/lib/backend.ai-client-node.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1316,7 +1316,12 @@ class Client {
let authBody;
let d = new Date();
if (body === null || body === undefined) {
requestBody = '';
// Some backends require a valid JSON body even when empty.
// Send '{}' for methods that carry a body; keep '' for GET/HEAD.
// authBody must match the actual body: on legacy (v<4) backends the
// signature hashes the body, so a mismatch fails verification. On v4+
// the body is excluded from the signature (see below), so this is safe.
requestBody = method !== 'GET' && method !== 'HEAD' ? '{}' : '';
Comment thread
agatha197 marked this conversation as resolved.
authBody = requestBody;
} else if (
typeof body.getBoundary === 'function' ||
Expand Down
Loading