refactor: apply fallback sanitization during settings validation

EmilianoSanchez · EmilianoSanchez · commit 9474cffdb13f · 2025-10-29T16:13:13.000-03:00
diff --git a/src/evaluator/fallbackTreatmentsCalculator/fallbackSanitizer/index.ts b/src/evaluator/fallbackTreatmentsCalculator/fallbackSanitizer/index.ts
@@ -1,4 +1,4 @@
-import { Treatment, TreatmentWithConfig } from '../../../../types/splitio';
+import { FallbackTreatmentConfiguration, Treatment, TreatmentWithConfig } from '../../../../types/splitio';
 import { ILogger } from '../../../logger/types';
 import { isObject, isString } from '../../../utils/lang';
 
@@ -7,59 +7,62 @@ enum FallbackDiscardReason {
   Treatment = 'Invalid treatment (max 100 chars and must match pattern)',
 }
 
-export class FallbacksSanitizer {
+const TREATMENT_PATTERN = /^[0-9]+[.a-zA-Z0-9_-]*$|^[a-zA-Z]+[a-zA-Z0-9_-]*$/;
 
-  private static readonly pattern = /^[0-9]+[.a-zA-Z0-9_-]*$|^[a-zA-Z]+[a-zA-Z0-9_-]*$/;
-
-  private static isValidFlagName(name: string): boolean {
-    return name.length <= 100 && !name.includes(' ');
-  }
+function isValidFlagName(name: string): boolean {
+  return name.length <= 100 && !name.includes(' ');
+}
 
-  private static isValidTreatment(t?: Treatment | TreatmentWithConfig): boolean {
-    const treatment = isObject(t) ? (t as TreatmentWithConfig).treatment : t;
+function isValidTreatment(t?: Treatment | TreatmentWithConfig): boolean {
+  const treatment = isObject(t) ? (t as TreatmentWithConfig).treatment : t;
 
-    if (!isString(treatment) || treatment.length > 100) {
-      return false;
-    }
-    return FallbacksSanitizer.pattern.test(treatment);
+  if (!isString(treatment) || treatment.length > 100) {
+    return false;
   }
+  return TREATMENT_PATTERN.test(treatment);
+}
 
-  static sanitizeGlobal(logger: ILogger, treatment?: Treatment | TreatmentWithConfig): Treatment | TreatmentWithConfig | undefined {
-    if (!this.isValidTreatment(treatment)) {
-      logger.error(
-        `Fallback treatments - Discarded fallback: ${FallbackDiscardReason.Treatment}`
-      );
-      return undefined;
-    }
-    return treatment;
+function sanitizeGlobal(logger: ILogger, treatment?: Treatment | TreatmentWithConfig): Treatment | TreatmentWithConfig | undefined {
+  if (!isValidTreatment(treatment)) {
+    logger.error(`Fallback treatments - Discarded fallback: ${FallbackDiscardReason.Treatment}`);
+    return undefined;
   }
+  return treatment;
+}
+
+function sanitizeByFlag(
+  logger: ILogger,
+  byFlagFallbacks: Record<string, Treatment | TreatmentWithConfig> = {}
+): Record<string, Treatment | TreatmentWithConfig> {
+  const sanitizedByFlag: Record<string, Treatment | TreatmentWithConfig> = {};
 
-  static sanitizeByFlag(
-    logger: ILogger,
-    byFlagFallbacks: Record<string, Treatment | TreatmentWithConfig>
-  ): Record<string, Treatment | TreatmentWithConfig> {
-    const sanitizedByFlag: Record<string, Treatment | TreatmentWithConfig> = {};
+  const entries = Object.keys(byFlagFallbacks);
+  entries.forEach((flag) => {
+    const t = byFlagFallbacks[flag];
+    if (!isValidFlagName(flag)) {
+      logger.error(`Fallback treatments - Discarded flag '${flag}': ${FallbackDiscardReason.FlagName}`);
+      return;
+    }
 
-    const entries = Object.keys(byFlagFallbacks);
-    entries.forEach((flag) => {
-      const t = byFlagFallbacks[flag];
-      if (!this.isValidFlagName(flag)) {
-        logger.error(
-          `Fallback treatments - Discarded flag '${flag}': ${FallbackDiscardReason.FlagName}`
-        );
-        return;
-      }
+    if (!isValidTreatment(t)) {
+      logger.error(`Fallback treatments - Discarded treatment for flag '${flag}': ${FallbackDiscardReason.Treatment}`);
+      return;
+    }
 
-      if (!this.isValidTreatment(t)) {
-        logger.error(
-          `Fallback treatments - Discarded treatment for flag '${flag}': ${FallbackDiscardReason.Treatment}`
-        );
-        return;
-      }
+    sanitizedByFlag[flag] = t;
+  });
 
-      sanitizedByFlag[flag] = t;
-    });
+  return sanitizedByFlag;
+}
 
-    return sanitizedByFlag;
+export function sanitizeFallbacks(logger: ILogger, fallbacks: unknown): FallbackTreatmentConfiguration | undefined {
+  if (!isObject(fallbacks)) {
+    logger.error('Fallback treatments - Discarded fallback: Invalid fallback configuration');
+    return;
   }
+
+  return {
+    global: sanitizeGlobal(logger, (fallbacks as FallbackTreatmentConfiguration).global),
+    byFlag: sanitizeByFlag(logger, (fallbacks as FallbackTreatmentConfiguration).byFlag)
+  };
 }
diff --git a/src/evaluator/fallbackTreatmentsCalculator/index.ts b/src/evaluator/fallbackTreatmentsCalculator/index.ts
@@ -1,8 +1,6 @@
 import { FallbackTreatmentConfiguration, Treatment, TreatmentWithConfig } from '../../../types/splitio';
-import { FallbacksSanitizer } from './fallbackSanitizer';
 import { CONTROL } from '../../utils/constants';
 import { isString } from '../../utils/lang';
-import { ILogger } from '../../logger/types';
 
 export type IFallbackTreatmentsCalculator = {
   resolve(flagName: string, label: string): TreatmentWithConfig & { label: string };
@@ -11,16 +9,7 @@ export type IFallbackTreatmentsCalculator = {
 export const FALLBACK_PREFIX = 'fallback - ';
 
 export class FallbackTreatmentsCalculator implements IFallbackTreatmentsCalculator {
-  private readonly fallbacks: FallbackTreatmentConfiguration;
-
-  constructor(logger: ILogger, fallbacks?: FallbackTreatmentConfiguration) {
-    const sanitizedGlobal = fallbacks?.global ? FallbacksSanitizer.sanitizeGlobal(logger, fallbacks.global) : undefined;
-    const sanitizedByFlag = fallbacks?.byFlag ? FallbacksSanitizer.sanitizeByFlag(logger, fallbacks.byFlag) : {};
-    this.fallbacks = {
-      global: sanitizedGlobal,
-      byFlag: sanitizedByFlag
-    };
-  }
+  constructor(private readonly fallbacks: FallbackTreatmentConfiguration = {}) {}
 
   resolve(flagName: string, label: string): TreatmentWithConfig & { label: string } {
     const treatment = this.fallbacks.byFlag?.[flagName];
diff --git a/src/sdkFactory/index.ts b/src/sdkFactory/index.ts
@@ -61,7 +61,7 @@ export function sdkFactory(params: ISdkFactoryParams): SplitIO.ISDK | SplitIO.IA
     }
   });
 
-  const fallbackTreatmentsCalculator = new FallbackTreatmentsCalculator(settings.log, settings.fallbackTreatments);
+  const fallbackTreatmentsCalculator = new FallbackTreatmentsCalculator(settings.fallbackTreatments);
 
   if (initialRolloutPlan) {
     setRolloutPlan(log, initialRolloutPlan, storage as IStorageSync, key && getMatching(key));
diff --git a/src/utils/settingsValidation/index.ts b/src/utils/settingsValidation/index.ts
@@ -8,6 +8,7 @@ import { ISettings } from '../../types';
 import { validateKey } from '../inputValidation/key';
 import { ERROR_MIN_CONFIG_PARAM, LOG_PREFIX_CLIENT_INSTANTIATION } from '../../logger/constants';
 import { validateRolloutPlan } from '../../storages/setRolloutPlan';
+import { sanitizeFallbacks } from '../../evaluator/fallbackTreatmentsCalculator/fallbackSanitizer';
 
 // Exported for telemetry
 export const base = {
@@ -207,5 +208,8 @@ export function settingsValidation(config: unknown, validationParams: ISettingsV
   // @ts-ignore, modify readonly prop
   withDefaults.userConsent = consent ? consent(withDefaults) : undefined;
 
+  // @ts-ignore, modify readonly prop
+  withDefaults.fallbackTreatments = withDefaults.fallbackTreatments ? sanitizeFallbacks(log, withDefaults.fallbackTreatments) : undefined;
+
   return withDefaults;
 }

Original file line number	Diff line number	Diff line change
`@@ -61,7 +61,7 @@ export function sdkFactory(params: ISdkFactoryParams): SplitIO.ISDK \| SplitIO.IA`
`61`	`61`	`}`
`62`	`62`	`});`
`63`	`63`
`64`		`- const fallbackTreatmentsCalculator = new FallbackTreatmentsCalculator(settings.log, settings.fallbackTreatments);`
	`64`	`+ const fallbackTreatmentsCalculator = new FallbackTreatmentsCalculator(settings.fallbackTreatments);`
`65`	`65`
`66`	`66`	`if (initialRolloutPlan) {`
`67`	`67`	`setRolloutPlan(log, initialRolloutPlan, storage as IStorageSync, key && getMatching(key));`