CodeRabbit Refactor suggestion: use 1008 instead of 1002 #1757
Description
🛠️ Refactor suggestion
Use correct WebSocket close code for policy/application errors (1008, not 1002)
1002 is “Protocol Error”. Unauthorized/forbidden/invalid flag/pattern/not found are application/policy violations → 1008 is the appropriate standard code. Keep 1011 for internal errors. Optionally, consider 4000+ custom codes for fine-grained UX.
| {
success: false;
- code: 1002;
+ code: 1008; // Policy Violation
error: string;
reason:
| "ClientJoinMessageSchema"
| "Flag invalid"
| "Flag restricted"
| "Forbidden"
| "Not found"
| "Pattern invalid"
| "Pattern restricted"
| "Pattern unlisted"
| "Unauthorized";
}Follow-up: update all returns in this function that set code: 1002 to 1008.
📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
{
success: false;
code: 1008; // Policy Violation
error: string;
reason:
| "ClientJoinMessageSchema"
| "Flag invalid"
| "Flag restricted"
| "Forbidden"
| "Not found"
| "Pattern invalid"
| "Pattern restricted"
| "Pattern unlisted"
| "Unauthorized";
}
🤖 Prompt for AI Agents
In src/server/worker/websocket/handler/message/PreJoinHandler.ts around lines 68
to 71, the WebSocket close code 1002 is incorrectly used for application or
policy errors. Replace all instances of code 1002 in this function with 1008,
which is the correct standard code for unauthorized, forbidden, or invalid
requests. Keep code 1011 for internal errors and optionally consider using
custom codes 4000+ for more specific cases.
Originally posted by @coderabbitai[bot] in #1756 (comment)