hainenber commented on code in PR #39940:
URL: https://github.com/apache/superset/pull/39940#discussion_r3259723780
##########
superset-frontend/src/utils/pathUtils.ts:
##########
@@ -35,9 +35,16 @@ const SAFE_ABSOLUTE_URL_RE = /^(https?|ftp|mailto|tel):/i;
* Potentially dangerous schemes such as javascript: and data: are not treated
* as absolute and will be prefixed.
*
+ * If `path` is null or undefined, it falls back to the application root so the
+ * caller (e.g. partial theme overrides leaving brand tokens unset) doesn't
+ * crash.
+ *
* @param path A string path or URL to a resource
*/
-export function ensureAppRoot(path: string): string {
+export function ensureAppRoot(path: string | null | undefined): string {
+ if (!path) {
Review Comment:
Let's prioritize the security validation check below before doing any return
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
