fix: Handle multipart file uploads in GraphQL proxy #11773
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
The GraphQL API proxy routes were using JSON.stringify(req.body) which corrupts multipart form data for file uploads. Changes: - Disable Next.js body parsing to get raw request body - Detect multipart requests via Content-Type header - Forward multipart bodies as raw Buffer, not JSON stringified - Keep JSON request handling unchanged Fixes #11772 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]>
MaxGhenis
force-pushed
the
fix/graphql-multipart-proxy
branch
from
6b2ab92 to
014cc7c
Compare
![sentry[bot]](https://avatars.githubusercontent.com/in/12637?s=60&v=4){kind=small}
pages/api/graphql/v1.js
Outdated
Comment on lines
61
to
63
| const rawBody = await getRawBody(req); | ||
| const jsonBody = JSON.parse(rawBody.toString() || '{}'); | ||
| body = JSON.stringify(jsonBody); |
This comment was marked as outdated.
This comment was marked as outdated.
Sorry, something went wrong.
Address Sentry review feedback: JSON.parse() without try/catch causes unhandled errors when clients send malformed JSON. Now returns a proper 400 Bad Request with GraphQL-formatted error response instead of crashing. Added test cases for both v1 and v2 proxies to verify behavior. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]>
Author
Sentry Review AddressedAdded error handling for Manual Testing NoteThe unit tests comprehensively cover:
Full manual testing with actual file upload requires a valid staging account. The dev server starts successfully and the API proxy routes are accessible at |
Comment on lines
+24
to
+30
| async function getRawBody(req) { | ||
| const chunks = []; | ||
| for await (const chunk of req) { | ||
| chunks.push(chunk); | ||
| } | ||
| return Buffer.concat(chunks); | ||
| } |
This comment was marked as outdated.
This comment was marked as outdated.
Sorry, something went wrong.
Address Sentry review feedback: getRawBody() did not handle stream errors. If a client disconnects during a file upload, the stream emits an error that was previously unhandled, causing the server to crash. Now wraps the body reading in try/catch and returns a proper 500 response with GraphQL-formatted error message. Added test cases for both v1 and v2 proxies to verify behavior. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]>
Author
Second Sentry Review AddressedAdded stream error handling (commit 0fbf2b3):
All Sentry feedback now addressed:
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Fixes opencollective/opencollective#8458
Fixes opencollective/opencollective#8456
The GraphQL API proxy routes (
pages/api/graphql/v1.jsandv2.js) were usingJSON.stringify(req.body)which corrupts multipart form data for file uploads via theuseGraphQLFileUploaderhook.This also resolves the API issue opencollective/opencollective#8456 - while the direct API endpoint (
api.opencollective.com) still has infrastructure issues with multipart, the frontend Apollo client uses the proxy path (/api/graphql/v2) which now works correctly.Changes
bodyParser: false) to get raw request bodyContent-TypeheaderTest plan
Related
🤖 Generated with Claude Code