You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
3, because the PR involves changes across multiple JavaScript files and a model file, affecting both front-end and back-end components. The logic of domain handling and URL construction is critical and needs careful review to ensure it doesn't introduce bugs or affect existing functionalities.
🧪 Relevant tests
No
🔍 Possible issues
Possible Bug: The concatenation of domain and get_token_url might not handle edge cases where domain does not end with a slash ('/') and get_token_url does not start with one, potentially leading to malformed URLs.
🔒 Security concerns
No
Code feedback:
relevant file
component/oauth2Content/oauth2Content.js
suggestion
Ensure that the URL concatenation between domain and get_token_url handles cases where either or both might not include a trailing or leading slash, respectively. This can be achieved by using a utility function to safely concatenate URLs. [important]
Similar to the previous suggestion, ensure safe URL concatenation in the backend utility file to prevent potential issues with malformed URLs. Consider implementing or using an existing URL builder utility. [important]
Overview:
The review tool scans the PR code changes, and generates a PR review which includes several types of feedbacks, such as possible PR issues, security threats and relevant test in the PR. More feedbacks can be added by configuring the tool.
The tool can be triggered automatically every time a new PR is opened, or can be invoked manually by commenting on any PR.
When commenting, to edit configurations related to the review tool (pr_reviewer section), use the following template:
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
在实际使用过程中发现,如果yapi与接口没有部署在同一个域或服务器下时,无论是校验token请求地址,还是定时刷新Token时,都没有带上当前环境变量的域,导致请求失败。
修改: