Query string abuse causing 5xxs (#23501)

heiskr · web-flow · commit 86b5a52b3ea6 · 2021-12-08T21:05:32.000Z
diff --git a/components/hooks/useQuery.ts b/components/hooks/useQuery.ts
@@ -11,19 +11,33 @@ export const useQuery = (): QueryInfo => {
       ? router.query.query[0]
       : router.query.query || ''
 
-  let debug = false
-  if (router.query.debug) {
-    // Now `router.query.debug` is either string or any array of strings
-    debug = Boolean(
-      JSON.parse(Array.isArray(router.query.debug) ? router.query.debug[0] : router.query.debug)
-    )
-  } else if (router.query.debug === '') {
-    // E.g. `?query=foo&debug` should be treated as truthy
-    debug = true
-  }
+  const debug = parseDebug(router.query.debug)
 
   return {
     query,
     debug,
   }
 }
+
+function parseDebug(debug: string | Array<string> | undefined) {
+  if (debug === '') {
+    // E.g. `?query=foo&debug` should be treated as truthy
+    return true
+  }
+
+  if (!debug) {
+    return false
+  }
+
+  // Now `router.query.debug` is either string or any array of strings
+  if (Array.isArray(debug)) {
+    debug = debug[0]
+  }
+
+  try {
+    debug = JSON.parse(debug)
+    return Boolean(debug)
+  } catch (e) {}
+
+  return false
+}
