fix(server): validate JSON data, sanitize inputs, and harden query parsing.

2026-05-03 22:43:11 +05:30
parent e8b5beca5e
commit 4c548ebc61
1 changed files with 8 additions and 0 deletions
@@ -42,6 +42,14 @@ def main():
        try:
            req = json.loads(raw_line)
            query = req.get("query", "")
+            if not isinstance(query, str):
+                query = str(query)
+            query = query.strip()
+            if not query:
+                response = {"error": "query must be a non-empty string"}
+                sys.stdout.write(json.dumps(response) + "\n")
+                sys.stdout.flush()
+                continue
            top_n = max(1, min(int(req.get("top_n", 5)), 20))
            results, latency = retriever.retrieve(query, top_n=top_n)
            response = {"results": results, "latency_seconds": round(latency, 4)}