chore: add debug log for failed preview mode cookie verification#90165
chore: add debug log for failed preview mode cookie verification#90165Dustaboy3 wants to merge 4 commits intovercel:canaryfrom
Conversation
## What Adds a debug log when preview mode cookie verification fails in `tryGetPreviewData`. The log is emitted using Next.js' internal `debug` logger and is only visible when the corresponding `DEBUG` namespace is enabled. ## Why Currently, JWT verification failures in preview mode are silently handled by clearing preview data and returning `false`. Adding a debug log improves developer experience when troubleshooting preview/draft mode issues, without introducing production log noise. ## Notes - Uses `next/dist/compiled/debug` - Log is behind the `next:server:preview` namespace - Does not log cookie or token contents - No behavioral changes
|
Allow CI Workflow Run
Note: this should only be enabled once the PR is ready to go and can only be enabled by a maintainer |
|
Allow CI Workflow Run
Note: this should only be enabled once the PR is ready to go and can only be enabled by a maintainer |
|
This PR is ready for review. Could a maintainer please approve the CI workflow run? |
suramkavyasree
left a comment
suramkavyasree
left a comment
There was a problem hiding this comment.
❌ Code Review: Changes Requested
The code introduces a debug log for failed preview mode cookie verification, enhancing developer troubleshooting without affecting production logs. However, there are concerns about potential exposure of error details and lack of error logging in production. Additionally, there are TODO comments that may need addressing.
Issue Summary
| Severity | Count |
|---|---|
| 1 | |
| 🔶 Medium | 1 |
| ℹ️ Info | 2 |
Automated review by Code Review Agent
📋 General Comments
The following issues were found but could not be posted as inline comments (likely due to line number mismatches or being outside the PR diff context):
TODO comment found
File: packages/next/src/server/api-utils/node/try-get-preview-data.ts:32
TODO: use request metadata instead of a symbol
TODO comment found
File: packages/next/src/server/api-utils/node/try-get-preview-data.ts:107
TODO: strict runtime type checking
Remove the error object from the debug log in `tryGetPreviewData` to avoid potential exposure of sensitive information. The log message remains behind the DEBUG namespace and continues to provide context for failed preview mode cookie verification without including any error details. No behavioral changes.
|
The other TODO comments are pre-existing and out of scope for this PR. |
![vercel[bot]](https://avatars.githubusercontent.com/in/8329?s=60&v=4){kind=small}
packages/next/src/server/api-utils/node/try-get-preview-data.ts
Outdated
Show resolved
Hide resolved
Co-authored-by: vercel[bot] <35613825+vercel[bot]@users.noreply.github.com>
3 participants
What
Adds a debug log when preview mode cookie verification fails in
tryGetPreviewData.The log is emitted using Next.js' internal
debuglogger and is only visible when the correspondingDEBUGnamespace is enabled.Why
Currently, JWT verification failures in preview mode are silently handled by clearing preview data and returning
false.Adding a debug log improves developer experience when troubleshooting preview/draft mode issues, without introducing production log noise.
Notes
next/dist/compiled/debugnext:server:previewnamespace