fix(types): handle undefined cases

Yizack · Yizack · commit b9359edd50e2 · 2025-08-06T13:15:23.000+02:00
diff --git a/src/runtime/server/lib/validators/mailchannels.ts b/src/runtime/server/lib/validators/mailchannels.ts
@@ -12,6 +12,8 @@ const validateContentDigest = async (header: string, body: string) => {
   if (!match) return false
 
   const [, algorithm, hash] = match
+  if (!algorithm || !hash) return false
+
   const normalizedAlgorithm = algorithm.replace('-', '').toLowerCase()
 
   if (!['sha256'].includes(normalizedAlgorithm)) return false
@@ -20,7 +22,7 @@ const validateContentDigest = async (header: string, body: string) => {
 
 const extractSignature = (signatureHeader: string): string | null => {
   const signatureMatch = signatureHeader.match(/sig_\d+=:([^:]+):/)
-  return signatureMatch ? signatureMatch[1] : null
+  return signatureMatch && signatureMatch[1] ? signatureMatch[1] : null
 }
 
 const extractInputValues = (header: string) => {
@@ -31,7 +33,7 @@ const extractInputValues = (header: string) => {
 
   return {
     name: match[1],
-    timestamp: Number.parseInt(match[3], 10),
+    timestamp: Number.parseInt(match[3] || '', 10),
     algorithm: match[4],
     keyId: match[5],
   }
diff --git a/src/runtime/server/lib/validators/svix.ts b/src/runtime/server/lib/validators/svix.ts
@@ -25,6 +25,8 @@ export const isValidSvixWebhook = async (event: H3Event): Promise<boolean> => {
 
   const payload = `${webhookId}.${webhookTimestamp}.${body}`
   const secretKey = config.secretKey.split('_')[1]
+
+  if (!secretKey) return false
   const signatureEntries = webhookSignature.split(' ')
 
   for (const signatureEntry of signatureEntries) {
diff --git a/test/simulations/svix.ts b/test/simulations/svix.ts
@@ -11,7 +11,7 @@ const secretKey = nuxtConfig.runtimeConfig?.webhook?.svix?.secretKey
 export const simulateSvixEvent = async (key: string = secretKey!) => {
   const timestamp = Math.floor(Date.now() / 1000).toString()
   const payload = `${webhookId}.${timestamp}.${body}`
-  const secretKeyBase64 = key.split('_')[1]
+  const secretKeyBase64 = key.split('_')[1]!
   const signatureBuffer = Buffer.from(secretKeyBase64, 'base64')
   const signature = await subtle.importKey('raw', signatureBuffer, HMAC_SHA256, false, ['sign'])
   const hmac = await subtle.sign(HMAC_SHA256.name, signature, encoder.encode(payload))
