Rules Hub
Coding Rules Library
backend rule · P1 · stack specific · Stack: node
Tags: validation, error-handling, api-routes, robustness
Guard JSON.parse of request bodies against missing or malformed input
Don't assume `req.body` exists and is valid JSON; validate it (and the types of extracted fields) before parsing and passing values downstream.
PR: hegnar-forum-web · org-mining-hist-2026-06 · Created: Jun 20, 2026
Bad example
Old code
```ts
const { comment } = JSON.parse(req.body); // throws if body absent/not JSON; comment is any
```
Good example
New code
```ts
if (!req.body) return res.status(400).json({ message: 'Missing body' });
const { comment } = JSON.parse(req.body) as { comment: string };
```
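A fuller version of the guard, as an added example that is not code from the PR: `JSON.parse` still throws on malformed input and the `as` cast performs no runtime check, so this helper catches the parse error and checks the field type before anything goes downstream. The name `parseCommentBody`, the result shape and the 2000-character limit are assumptions made for illustration.

```ts
// Added example (hypothetical helper, not the project's code).
type ParseResult =
  | { ok: true; comment: string }
  | { ok: false; status: 400; message: string };

const MAX_COMMENT_LENGTH = 2000; // assumed limit, not taken from the page

function reject(message: string): ParseResult {
  return { ok: false, status: 400, message };
}

function parseCommentBody(rawBody: unknown): ParseResult {
  // 1. The body may be absent entirely.
  if (rawBody === undefined || rawBody === null || rawBody === '') {
    return reject('Missing body');
  }

  // 2. A string body must be parsed; a body-parser may already have done so.
  let parsed: unknown = rawBody;
  if (typeof rawBody === 'string') {
    try {
      parsed = JSON.parse(rawBody);
    } catch {
      return reject('Body is not valid JSON');
    }
  }

  // 3. Valid JSON can still be null, an array, a number or a string.
  if (typeof parsed !== 'object' || parsed === null || Array.isArray(parsed)) {
    return reject('Body must be a JSON object');
  }

  // 4. Check the extracted field at runtime instead of trusting a cast.
  const comment = (parsed as Record<string, unknown>).comment;
  if (typeof comment !== 'string' || comment.trim() === '') {
    return reject('comment must be a non-empty string');
  }
  if (comment.length > MAX_COMMENT_LENGTH) {
    return reject('comment is too long');
  }
  return { ok: true, comment };
}
```

In a route handler, a failed result maps directly to `res.status(result.status).json({ message: result.message })`.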