fix:api method body response fix

Author: Amitkanswal

package-lock.json

@@ -1,6 +1,6 @@
 {
     "name": "@contentstack/app-sdk",
-    "version": "2.3.0",
+    "version": "2.3.1",
     "types": "dist/src/index.d.ts",
     "description": "The Contentstack App SDK allows you to customize your Contentstack applications.",
     "main": "dist/index.js",

package.json

@@ -6,7 +6,7 @@ import {
     AxiosResponse,
 } from "axios";
 
-import { fetchToAxiosConfig } from "./utils";
+import { axiosToFetchResponse, fetchToAxiosConfig, sanitizeFetchResponseHeader } from "./utils";
 
 /**
  * Dispatches a request using PostRobot.
@@ -60,15 +60,11 @@ export const dispatchApiRequest = async (
 ): Promise<Response> => {
     try {
         const config = fetchToAxiosConfig(url, options);
-        const response = (await dispatchAdapter(PostRobot)(
+        const axiosResponse = (await dispatchAdapter(PostRobot)(
             config
         )) as AxiosResponse;
 
-        return new Response(response?.data, {
-            status: response.status,
-            statusText: response.statusText,
-            headers: response.config.headers,
-        });
+        return axiosToFetchResponse(axiosResponse, sanitizeFetchResponseHeader);
     } catch (err: any) {
         if (err.response) {
             return new Response(err.response?.data, {

src/utils/adapter.ts

@@ -1,4 +1,4 @@
-import { AxiosHeaders, AxiosRequestConfig } from "axios";
+import { AxiosHeaders, AxiosRequestConfig, AxiosResponse } from "axios";
 
 import { Region, RegionType } from "../types";
 
@@ -85,3 +85,55 @@ export const fetchToAxiosConfig = (
 
     return axiosConfig;
 };
+
+export function axiosToFetchResponse(
+    axiosRes: AxiosResponse,
+    sanitizeHeadersFn?: (headers: Record<string, string>) => Record<string, string>
+  ): Response {
+    const { data, status, statusText, headers: rawHeaders } = axiosRes;
+  
+    let body: BodyInit;
+    let contentType = 'application/json';
+  
+    if (data instanceof Blob || typeof data === 'string' || data instanceof ArrayBuffer) {
+      body = data;
+      contentType = rawHeaders['content-type'] || 'application/octet-stream';
+    } else {
+      body = JSON.stringify(data);
+    }
+  
+    const headersObj = sanitizeHeadersFn
+      ? sanitizeHeadersFn(
+          Object.fromEntries(
+            Object.entries(rawHeaders).map(([key, value]) => [key, String(value)])
+          )
+        )
+      : Object.fromEntries(
+          Object.entries(rawHeaders).map(([key, value]) => [key, String(value)])
+        );
+  
+    if (!headersObj['content-type']) {
+      headersObj['content-type'] = contentType;
+    }
+  
+    const responseInit: ResponseInit = {
+      status,
+      statusText,
+      headers: new Headers(headersObj),
+    };
+  
+    return new Response(body, responseInit);
+  }
+  
+  export function sanitizeFetchResponseHeader(headers: Record<string, string>): Record<string, string> {
+    const blocked = ['authorization', 'cookie', 'set-cookie'];
+    const sanitized: Record<string, string> = {};
+  
+    for (const [key, value] of Object.entries(headers)) {
+      if (!blocked.includes(key.toLowerCase())) {
+        sanitized[key] = value;
+      }
+    }
+  
+    return sanitized;
+  }