Open
Conversation
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub. |
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
Comment on lines
+122
to
+125
| JSON.stringify({ | ||
| error: true, | ||
| message: getErrorMessage(error), | ||
| }), |
Check warning
Code scanning / CodeQL
Information exposure through a stack trace Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 6 days ago
In general, the fix is to ensure that error information returned to the client is generic and does not include stack traces or arbitrary serialized error objects, while still logging full details on the server. The central place to do this in this codebase is handleErrorResponse plus the getErrorMessage helper it calls.
Best single fix without changing calling behavior:
- Tighten
getErrorMessageso it never serializes an arbitrary object. Instead:- For
Errorinstances, return a bounded, safe message (e.g.,error.messageor even a generic"An error occurred"). - For non-
Errorvalues, return a very generic string ('An unknown error occurred'), avoidingJSON.stringify(error).
- For
- Optionally add a helper like
getErrorStack/getErrorMessageAndStackObjto logging only (already present) and keephandleErrorResponsefocused on safe messages. - Leave
handleErrorResponse’s structure unchanged (same signature and usage) but benefit from the safergetErrorMessagesemantics. This addresses all variants whereexflows intohandleErrorResponse.
Concretely:
- Edit
libs/shared/utils/src/lib/utils.ts:- Change
getErrorMessageto stop usingJSON.stringify(error)and instead return a generic message for non-Errorinputs.
- Change
- Optionally (but not required) ensure that stack details are only used via
getErrorStack/getErrorMessageAndStackObjon the server side; they are not currently sent inhandleErrorResponse, so modifyinggetErrorMessageis sufficient.
No changes are needed to all the individual controllers; they will continue to call handleErrorResponse(ex) but will now get a safe, non-detailed error message.
Suggested changeset
1
libs/shared/utils/src/lib/utils.ts
Outside changed files
| @@ -54,9 +54,11 @@ | ||
|
|
||
| export function getErrorMessage(error: unknown) { | ||
| if (error instanceof Error) { | ||
| return error.message; | ||
| // Return only the error message; do not expose stack or internal details. | ||
| return error.message || 'An unexpected error occurred'; | ||
| } | ||
| return JSON.stringify(error); | ||
| // Avoid serializing arbitrary objects, which may contain sensitive data. | ||
| return 'An unexpected error occurred'; | ||
| } | ||
|
|
||
| export function getErrorStack(error: unknown) { |
Copilot is powered by AI and may make mistakes. Always verify output.
![github-code-quality[bot]](https://avatars.githubusercontent.com/u/9919?s=60&v=4){kind=small}
paustint
force-pushed
the
feat/canvas-app
branch
from
da6b735 to
ad57b3e
Compare
|
Warning Review the following alerts detected in dependencies. According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.
|
paustint
force-pushed
the
feat/canvas-app
branch
from
f6daead to
7d7f0c1
Compare
Contributor
There was a problem hiding this comment.
Pull request overview
This PR introduces an initial “Canvas App” (Salesforce Canvas / managed package) delivery path alongside the existing web app, desktop app, and browser extension flows, including environment detection, embedded-mode UI behavior, and Canvas-specific OAuth + routing.
Changes:
- Add a new
jetstream-canvasNx/Vite application and a Canvas-aware client routing/axios adapter layer. - Extend shared UI + jobs + download + permissions/ability logic to support
isCanvasApp()/ single-org embedded mode behaviors. - Add Salesforce managed-package (SFDX) assets + docs + CI workflow, and add API
/canvas/*routes for serving the Canvas app and handling OAuth callbacks.
Reviewed changes
Copilot reviewed 125 out of 137 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| yarn.lock | Bumps @testing-library/react lock entry. |
| package.json | Adds canvas build scripts + includes jetstream-canvas in CI build; bumps @testing-library/react. |
| libs/ui/src/lib/layout/Header.tsx | Renames isChromeExtension prop to isEmbeddedApp and updates conditional rendering. |
| libs/ui/src/lib/file-download-modal/options/FileDownloadGoogle.tsx | Treats Canvas app as “external Google picker” environment. |
| libs/ui/src/lib/file-download-modal/RecordDownloadModal.tsx | Allows Google download/upload flow in Canvas app. |
| libs/ui/src/lib/file-download-modal/FileFauxDownloadModal.tsx | Allows Google download/upload flow in Canvas app. |
| libs/ui/src/lib/file-download-modal/FileDownloadModal.tsx | Allows Google download/upload flow in Canvas app. |
| libs/shared/utils/src/lib/utils.ts | Adds urlSearchParamsToJson helper. |
| libs/shared/ui-utils/src/lib/shared-canvas-helpers.ts | Adds isCanvasApp() helper. |
| libs/shared/ui-utils/src/lib/hooks/useDriveExternalPicker.ts | Adds BroadcastChannel fallback and treats Canvas as popup-based picker flow. |
| libs/shared/ui-utils/src/index.ts | Re-exports new canvas helpers. |
| libs/shared/ui-core/src/state-management/load-records.state.ts | Gives Canvas app “unlimited” API limits similar to desktop/extension. |
| libs/shared/ui-core/src/jobs/Jobs.tsx | Uses external Google token store in Canvas app. |
| libs/shared/ui-core/src/jobs/JobWorker.ts | Treats Canvas app like extension for non-streaming bulk downloads. |
| libs/shared/ui-core/src/app/HeaderNavbar.tsx | Adds embedded-mode prop, fullscreen link handling for Canvas, and selected-org usage. |
| libs/shared/ui-app-state/src/lib/ui-app-state.ts | Adds Canvas-specific appInfo/serverUrl handling and single-org mode behavior. |
| libs/shared/data/src/lib/client-data.ts | Adds Canvas-specific preference getters/setters passing org context. |
| libs/features/platform-event-monitor/src/usePlatformEvent.ts | Adds subscribe/unsubscribe override hooks for non-CometD environments (Canvas). |
| libs/features/platform-event-monitor/src/index.ts | Re-exports override-related types. |
| libs/features/platform-event-monitor/src/PlatformEventMonitor.tsx | Accepts override fns and renames internal “chromeExtension” state. |
| libs/features/load-records/src/steps/SelectObjectAndFile.tsx | Enables Google picker + unlimited file size in Canvas app. |
| libs/features/load-records-multi-object/src/LoadRecordsMultiObject.tsx | Enables Google picker support in Canvas app. |
| libs/features/deploy/src/view-or-compare-metadata/ViewOrCompareMetadataSidebar.tsx | Renames extension-only flag to generic single-org mode flag. |
| libs/features/deploy/src/view-or-compare-metadata/ViewOrCompareMetadataModalFooter.tsx | Renames extension-only flag to generic single-org mode flag. |
| libs/features/deploy/src/view-or-compare-metadata/ViewOrCompareMetadataModal.tsx | Treats Canvas app as single-org mode for UI labels/behavior. |
| libs/features/deploy/src/DeployMetadataDeploymentTable.tsx | Treats Canvas app as single-org mode for button copy. |
| libs/features/deploy/src/DeployMetadataDeployment.tsx | Hides “deploy to different org” in single-org (extension/canvas) mode. |
| libs/auth/salesforce-oauth/src/lib/salesforce-oauth.ts | Adds Canvas OAuth init/callback with signed state payload. |
| libs/auth/acl/src/lib/acl.ts | Adds isCanvasApp to ability derivation and “web app” classification. |
| custom-typings/index.d.ts | Declares global __IS_CANVAS_APP__. |
| apps/landing/pages/web-extension/google-picker/index.tsx | Switches to shared “external picker” state hook. |
| apps/landing/pages/oauth-link/index.tsx | Refactors postMessage handling and minor JSX spacing tweak. |
| apps/landing/pages/canvas-auth/index.tsx | Adds Canvas OAuth “close window / return to app” landing page. |
| apps/landing/hooks/external-google-picker.hooks.ts | Generalizes picker hook for extension/canvas + adds BroadcastChannel fallback. |
| apps/jetstream-web-extension/src/utils/api-client.ts | Fixes double await. |
| apps/jetstream-web-extension/src/pages/app/App.tsx | Uses isEmbeddedApp prop instead of isChromeExtension. |
| apps/jetstream-web-extension/src/controllers/sf-misc.web-ext.controller.ts | Fixes HTTP error threshold (>= 300). |
| apps/jetstream-desktop/src/controllers/sf-misc.desktop.controller.ts | Fixes HTTP error threshold (>= 300). |
| apps/jetstream-canvas/vite.plugins.ts | Adds Vite plugin utilities for base href and file replacement. |
| apps/jetstream-canvas/vite.config.mts | Adds Vite config for Canvas app build/dev/test. |
| apps/jetstream-canvas/tsconfig.spec.json | Adds spec TS config for Canvas app. |
| apps/jetstream-canvas/tsconfig.json | Adds base TS config for Canvas app. |
| apps/jetstream-canvas/tsconfig.app.json | Adds app TS config for Canvas app. |
| apps/jetstream-canvas/src/utils/zip.ts | Adds ZIP streaming/creation utilities for Canvas downloads. |
| apps/jetstream-canvas/src/utils/canvas.utils.ts | Builds a SalesforceOrgUi from Canvas signed request context. |
| apps/jetstream-canvas/src/utils/canvas.types.ts | Adds Canvas org/api-connection type. |
| apps/jetstream-canvas/src/utils/canvas-axios-adapter.ts | Adds axios adapter that routes requests to in-app Canvas controllers. |
| apps/jetstream-canvas/src/utils/api-client.ts | Adds Canvas API client using Canvas SDK ajax bridge + org initialization. |
| apps/jetstream-canvas/src/main.tsx | Boots Canvas app, installs axios adapter, validates iframe context, initializes Canvas SDK. |
| apps/jetstream-canvas/src/main.scss | Adds Canvas app styling overrides. |
| apps/jetstream-canvas/src/environments/environment.ts | Adds Canvas dev environment config. |
| apps/jetstream-canvas/src/environments/environment.staging.ts | Adds Canvas staging environment config. |
| apps/jetstream-canvas/src/environments/environment.prod.ts | Adds Canvas prod environment config. |
| apps/jetstream-canvas/src/controllers/user.canvas.controller.ts | Adds (placeholder) feedback route wiring. |
| apps/jetstream-canvas/src/controllers/sf-record.canvas.controller.ts | Adds record APIs (binary upload, CRUD ops) for Canvas adapter routing. |
| apps/jetstream-canvas/src/controllers/sf-query.canvas.controller.ts | Adds describe/query/queryMore routes for Canvas adapter routing. |
| apps/jetstream-canvas/src/controllers/sf-misc.canvas.controller.ts | Adds misc routes (downloads, manual requests) for Canvas adapter routing. |
| apps/jetstream-canvas/src/controllers/sf-metadata-tooling.canvas.controller.ts | Adds metadata tooling endpoints for Canvas adapter routing. |
| apps/jetstream-canvas/src/controllers/sf-bulk-query-20-api.canvas.controller.ts | Adds Bulk Query 2.0 endpoints for Canvas adapter routing. |
| apps/jetstream-canvas/src/controllers/sf-bulk-api.canvas.controller.ts | Adds Bulk API endpoints for Canvas adapter routing. |
| apps/jetstream-canvas/src/controllers/route.utils.ts | Adds lightweight route creation/validation and response helpers for Canvas adapter routing. |
| apps/jetstream-canvas/src/controllers/preferences.canvas.controller.ts | Implements preference read/write via custom setting in Salesforce. |
| apps/jetstream-canvas/src/controllers/jetstream-data-sync.canvas.controller.ts | Adds placeholder data-sync routes. |
| apps/jetstream-canvas/src/controllers/canvas.routes.ts | Registers the Canvas app’s internal “API” routes. |
| apps/jetstream-canvas/src/assets/.gitkeep | Keeps assets directory in repo. |
| apps/jetstream-canvas/src/app/core/monaco-loader.ts | Configures Monaco loader paths and custom configuration. |
| apps/jetstream-canvas/src/app/core/config.ts | Adds Canvas router config/basename. |
| apps/jetstream-canvas/src/app/core/Login.tsx | Adds Canvas-specific auth/authorize UX and OAuth popup flow. |
| apps/jetstream-canvas/src/app/core/LazyLoad.tsx | Adds lazy-with-preload helper (ported). |
| apps/jetstream-canvas/src/app/core/AppInitializer.tsx | Initializes org state, DB, and Canvas preference sync. |
| apps/jetstream-canvas/src/app/app.tsx | Wires core providers, embedded header, and routes for Canvas app. |
| apps/jetstream-canvas/src/app/AppRoutes.tsx | Defines Canvas app route tree and platform-event overrides using Canvas SDK streaming. |
| apps/jetstream-canvas/project.json | Adds Nx targets for build/serve/test for Canvas app. |
| apps/jetstream-canvas/index.html | Adds Canvas app HTML template with injected Canvas SDK + signed request. |
| apps/jetstream-canvas/eslint.config.cjs | Adds eslint config for Canvas app project. |
| apps/docs/sidebars.ts | Adds managed-package doc page to docs sidebar. |
| apps/docs/docs/getting-started/managed-package/managed-package.mdx | Adds documentation for managed package / Canvas app usage. |
| apps/api/src/main.ts | Registers /canvas route with CSP frame-ancestors and router. |
| apps/api/src/app/routes/index.ts | Exports new canvasRoutes. |
| apps/api/src/app/routes/canvas.routes.ts | Adds API routes to serve Canvas app + static assets. |
| apps/api/src/app/controllers/sf-misc.controller.ts | Fixes HTTP error threshold (>= 300). |
| apps/api/src/app/controllers/sf-bulk-api.controller.ts | Fixes validator params for bulk zip upload. |
| apps/api/src/app/controllers/canvas.controller.ts | Implements Canvas signed_request verification + user-approval OAuth flow + HTML injection. |
| apps-sfdx/sfdx-project.json | Adds SFDX project config for managed package assets and replacements. |
| apps-sfdx/scripts/soql/.gitkeep | Adds placeholder scripts folder. |
| apps-sfdx/scripts/sfdx/create-scratch-org.mjs | Adds scratch org creation/deploy helper script. |
| apps-sfdx/scripts/apex/.gitkeep | Adds placeholder apex scripts folder. |
| apps-sfdx/package.json | Adds SFDX project scripts/deps for lint/test/scratch org tasks. |
| apps-sfdx/jest.config.js | Adds Jest config for LWC tests. |
| apps-sfdx/eslint.config.js | Adds ESLint flat config for SFDX Aura/LWC + Jest mocks. |
| apps-sfdx/config/project-scratch-def.json | Adds default scratch org definition for Canvas package. |
| apps-sfdx/config/project-scratch-def-professional.json | Adds Professional scratch org definition. |
| apps-sfdx/canvas-app/untracked/main/default/extlClntAppGlobalOauthSets/Jetstream_Canvas_glbloauth.ecaGlblOauth-meta.xml | Adds global OAuth settings metadata (untracked). |
| apps-sfdx/canvas-app/untracked/main/default/.gitkeep | Keeps untracked metadata folder. |
| apps-sfdx/canvas-app/unpackaged/main/default/.gitkeep | Keeps unpackaged metadata folder. |
| apps-sfdx/canvas-app/jetstream/main/default/tabs/JetstreamAppTab.tab-meta.xml | Adds Jetstream custom tab. |
| apps-sfdx/canvas-app/jetstream/main/default/permissionsets/Jetstream.permissionset-meta.xml | Adds permission set for Canvas app + custom setting fields. |
| apps-sfdx/canvas-app/jetstream/main/default/pages/JetstreamPage.page-meta.xml | Adds VF page metadata. |
| apps-sfdx/canvas-app/jetstream/main/default/pages/JetstreamPage.page | Adds VF page embedding the Canvas app with resizing script. |
| apps-sfdx/canvas-app/jetstream/main/default/objects/UserPreferences__c/fields/WhereClauseOpsIndented__c.field-meta.xml | Adds preferences custom setting field. |
| apps-sfdx/canvas-app/jetstream/main/default/objects/UserPreferences__c/fields/SubqueryParensOnOwnLine__c.field-meta.xml | Adds preferences custom setting field. |
| apps-sfdx/canvas-app/jetstream/main/default/objects/UserPreferences__c/fields/SkipFrontdoorLogin__c.field-meta.xml | Adds preferences custom setting field. |
| apps-sfdx/canvas-app/jetstream/main/default/objects/UserPreferences__c/fields/RecordSyncEnabled__c.field-meta.xml | Adds preferences custom setting field. |
| apps-sfdx/canvas-app/jetstream/main/default/objects/UserPreferences__c/fields/NumIndent__c.field-meta.xml | Adds preferences custom setting field. |
| apps-sfdx/canvas-app/jetstream/main/default/objects/UserPreferences__c/fields/NewLineAfterKeywords__c.field-meta.xml | Adds preferences custom setting field. |
| apps-sfdx/canvas-app/jetstream/main/default/objects/UserPreferences__c/fields/FieldMaxLineLength__c.field-meta.xml | Adds preferences custom setting field. |
| apps-sfdx/canvas-app/jetstream/main/default/objects/UserPreferences__c/UserPreferences__c.object-meta.xml | Adds hierarchy custom setting for user preferences. |
| apps-sfdx/canvas-app/jetstream/main/default/extlClntAppPolicies/Jetstream_Canvas_plcy.ecaPlcy-meta.xml | Adds external client app policies metadata. |
| apps-sfdx/canvas-app/jetstream/main/default/extlClntAppOauthSettings/Jetstream_Canvas_oauth.ecaOauth-meta.xml | Adds external client app OAuth settings metadata. |
| apps-sfdx/canvas-app/jetstream/main/default/extlClntAppOauthPolicies/Jetstream_Canvas_oauthPlcy.ecaOauthPlcy-meta.xml | Adds external client app OAuth policies metadata. |
| apps-sfdx/canvas-app/jetstream/main/default/extlClntAppCanvasSettings/Jetstream_Canvas_canvasSettings.ecaCanvas-meta.xml | Adds external client app Canvas settings metadata. |
| apps-sfdx/canvas-app/jetstream/main/default/externalClientApps/Jetstream_Canvas_Dev.eca-meta.xml | Adds external client app definition metadata. |
| apps-sfdx/canvas-app/jetstream/main/default/contentassets/jetstreamiconpro128.asset-meta.xml | Adds content asset metadata for branding. |
| apps-sfdx/canvas-app/jetstream/main/default/classes/UserPreferencesTest.cls-meta.xml | Adds Apex test metadata for preferences. |
| apps-sfdx/canvas-app/jetstream/main/default/classes/UserPreferencesTest.cls | Adds Apex tests for preference custom setting behavior. |
| apps-sfdx/canvas-app/jetstream/main/default/classes/JetstreamPageControllerTest.cls-meta.xml | Adds Apex test metadata for page controller. |
| apps-sfdx/canvas-app/jetstream/main/default/classes/JetstreamPageControllerTest.cls | Adds Apex tests for fullscreen parameter logic. |
| apps-sfdx/canvas-app/jetstream/main/default/classes/JetstreamPageController.cls-meta.xml | Adds Apex class metadata for page controller. |
| apps-sfdx/canvas-app/jetstream/main/default/classes/JetstreamPageController.cls | Adds page controller providing isFullScreen canvas parameters. |
| apps-sfdx/canvas-app/jetstream/main/default/applications/Jetstream.app-meta.xml | Adds Lightning app definition for Jetstream. |
| apps-sfdx/canvas-app/jetstream/main/default/appMenus/AppSwitcher.appMenu-meta.xml | Adds app menu metadata entries. |
| apps-sfdx/README.md | Adds minimal SFDX readme. |
| apps-sfdx/.vscode/settings.json | Adds SFDX workspace VS Code settings. |
| apps-sfdx/.prettierrc | Adds Prettier config for SFDX assets (Apex/XML). |
| apps-sfdx/.prettierignore | Adds ignore rules for SFDX workspace. |
| apps-sfdx/.gitignore | Adds SFDX-specific ignores. |
| apps-sfdx/.forceignore | Adds Salesforce source tracking ignore rules. |
| .vscode/settings.json | Excludes SFDX folders from search/watcher. |
| .vscode/launch.json | Adds Apex Replay Debugger launch configuration. |
| .github/workflows/sfdx-ci.yml | Adds CI workflow to deploy to scratch org and run Apex tests. |
| .github/workflows/release.yml | Fixes Rollbar env var name for deploy creation step. |
Comments suppressed due to low confidence (2)
apps/landing/hooks/external-google-picker.hooks.ts:98
- This hook logs nonce/origin and picker result params via
console.log/console.warn. These values can include sensitive auth artifacts and are likely to leak in production (browser logs, support screenshots, etc.). Please remove these logs or guard them behind an explicit dev/debug flag.
apps/landing/hooks/external-google-picker.hooks.ts:61 isTrustedOrigincurrently allows anyhttps://origin. BecauseopenerOriginis read from query params, an attacker can open this page with their ownopenerOriginand receive Google picker results (tokens / file metadata) viapostMessage. Please restrict allowed origins to a known allowlist (e.g., your app domains +*.force.com/*.salesforce.com+ extension origins) and treatopenerOriginas untrusted input.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
paustint
force-pushed
the
feat/canvas-app
branch
from
7d7f0c1 to
eb86661
Compare
Contributor
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 125 out of 137 changed files in this pull request and generated 3 comments.
Comments suppressed due to low confidence (2)
apps/landing/hooks/external-google-picker.hooks.ts:62
openerOriginis taken directly from query params, andisTrustedOrigin()currently allows anyhttps://origin. That means any arbitrary website can open this page, setopenerOriginto itself, and receive Google Picker results viapostMessage(the nonce does not prevent this because the attacker controls the nonce too). Please restrictopenerOriginto a tight allowlist (e.g., known Jetstream origins and extension origins) and/or derive the target origin from a trusted source instead of URL params.
apps/landing/hooks/external-google-picker.hooks.ts:76- This introduces a number of
console.log/console.warnstatements that will run in production for every picker completion. This can leak details to logs and adds noise for users. Consider removing these, gating behind a debug flag, or routing through the existing logger with an environment-controlled log level.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
paustint
force-pushed
the
feat/canvas-app
branch
2 times, most recently
from
954f667 to
fe10fe0
Compare
Add API and core application logic for a new distribution method for canvas apps
chore: move canvas types to shared lib
…vas and jetstream-web-extension update JSON response handling in route utilities to use nullish coalescing.
paustint
force-pushed
the
feat/canvas-app
branch
from
fe10fe0 to
b278f6a
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Introduce a managed package for Jetstream deployed as a Managed Package using a Canvas App.