fix: replace internal redirects with 404 responses across workflow pages and block .json path access

balpreetgrowthnatives · balpreetgrowthnatives · commit 434dbc31aeb5 · 2026-06-15T16:37:18.000+05:30
diff --git a/site/src/pages/[locale]/workflows/[slug].astro b/site/src/pages/[locale]/workflows/[slug].astro
@@ -35,6 +35,13 @@ Astro.response.headers.set('CDN-Cache-Control', 'public, max-age=60, stale-while
 
 const { locale, slug } = Astro.params;
 
+if (Astro.url.pathname.endsWith('.json/')) {
+  return new Response(null, {
+    status: 404,
+    statusText: 'Not Found',
+  });
+}
+
 // Validate locale
 if (!locale || !LOCALES.includes(locale as Locale) || locale === DEFAULT_LOCALE) {
   return Astro.redirect('/workflows/');
@@ -61,7 +68,10 @@ if (detailShareId) {
     if (!is404) {
       console.error('Hub API error on ISR detail:', err);
     }
-    return Astro.redirect(`/${locale}/workflows/`);
+    return new Response(null, {
+      status: 404,
+      statusText: 'Not Found',
+    });
   }
 }
 
@@ -130,7 +140,10 @@ try {
 // link): no profile and no workflows — redirect instead of rendering a page
 // that would title itself "<slug> (@<slug>)" and get indexed by Google.
 if (!isDetailPage && !profileFound && serialized.length === 0) {
-  return Astro.redirect(`/${locale}/workflows/`);
+  return new Response(null, {
+    status: 404,
+    statusText: 'Not Found',
+  });
 }
 
 const canonicalUrl = absoluteUrl(`/workflows/${slug}/`);
diff --git a/site/src/pages/[locale]/workflows/category/[type].astro b/site/src/pages/[locale]/workflows/category/[type].astro
@@ -31,14 +31,24 @@ const categoryTranslationKeys: Record<MediaType, string> = {
 
 const { locale, type } = Astro.params;
 
+if (Astro.url.pathname.endsWith('.json/')) {
+  return new Response(null, {
+    status: 404,
+    statusText: 'Not Found',
+  });
+}
+
 // Validate locale
 if (!locale || !LOCALES.includes(locale as Locale) || locale === DEFAULT_LOCALE) {
   return Astro.redirect(`/workflows/category/${type || ''}/`);
 }
 
 // Validate type
 if (!type || !validTypes.includes(type as MediaType)) {
-  return Astro.redirect(`/${locale}/workflows/`);
+  return new Response(null, {
+    status: 404,
+    statusText: 'Not Found',
+  });
 }
 
 const typedLocale = locale as Locale;
@@ -51,6 +61,13 @@ const description = t('meta.description', typedLocale);
 const allSerialized = await loadSerializedTemplates(() => getCollection('templates'));
 const templates = allSerialized.filter((tmpl) => tmpl.mediaType === mediaType);
 
+if (templates.length === 0) {
+  return new Response(null, {
+    status: 404,
+    statusText: 'Not Found',
+  });
+}
+
 const basePath = categoryPath(mediaType);
 const canonicalUrl = absoluteUrl(localizeUrl(basePath, typedLocale));
 
diff --git a/site/src/pages/[locale]/workflows/model/[name].astro b/site/src/pages/[locale]/workflows/model/[name].astro
@@ -23,6 +23,13 @@ import { loadSerializedTemplates, type SerializedTemplate } from '../../../../li
 
 const { locale, name } = Astro.params;
 
+if (Astro.url.pathname.endsWith('.json/')) {
+  return new Response(null, {
+    status: 404,
+    statusText: 'Not Found',
+  });
+}
+
 // Validate locale
 if (!locale || !LOCALES.includes(locale as Locale) || locale === DEFAULT_LOCALE) {
   return Astro.redirect(`/workflows/model/${name || ''}/`);
@@ -38,7 +45,10 @@ const matchingTemplates = allTemplates.filter((tmpl) =>
 );
 
 if (matchingTemplates.length === 0) {
-  return Astro.redirect(`/${locale}/workflows/`);
+  return new Response(null, {
+    status: 404,
+    statusText: 'Not Found',
+  });
 }
 
 // Get display name from the first matching model
diff --git a/site/src/pages/[locale]/workflows/tag/[tag].astro b/site/src/pages/[locale]/workflows/tag/[tag].astro
@@ -22,6 +22,13 @@ import { loadSerializedTemplates, type SerializedTemplate } from '../../../../li
 
 const { locale, tag } = Astro.params;
 
+if (Astro.url.pathname.endsWith('.json/')) {
+  return new Response(null, {
+    status: 404,
+    statusText: 'Not Found',
+  });
+}
+
 // Validate locale
 if (!locale || !LOCALES.includes(locale as Locale) || locale === DEFAULT_LOCALE) {
   return Astro.redirect(`/workflows/tag/${tag || ''}/`);
@@ -37,7 +44,10 @@ const matchingTemplates = allTemplates.filter((tmpl) =>
 );
 
 if (matchingTemplates.length === 0) {
-  return Astro.redirect(`/${locale}/workflows/`);
+  return new Response(null, {
+    status: 404,
+    statusText: 'Not Found',
+  });
 }
 
 // Get display name from the first matching tag
diff --git a/site/src/pages/workflows/[username].astro b/site/src/pages/workflows/[username].astro
@@ -31,6 +31,13 @@ Astro.response.headers.set(
 const { username: slugParam } = Astro.params;
 const locale = getLocaleFromPath(Astro.url.pathname);
 
+if (Astro.url.pathname.endsWith('.json/')) {
+  return new Response(null, {
+    status: 404,
+    statusText: 'Not Found',
+  });
+}
+
 if (!slugParam) {
   return Astro.redirect('/workflows/');
 }
@@ -50,7 +57,10 @@ if (detailShareId) {
     if (!is404) {
       console.error('Hub API error on ISR detail:', err);
     }
-    return Astro.redirect('/workflows/');
+    return new Response(null, {
+      status: 404,
+      statusText: 'Not Found',
+    });
   }
 }
 
@@ -97,7 +107,10 @@ try {
 // of rendering a page that would title itself "<slug> (@<slug>)" and get
 // indexed by Google.
 if (!isDetailPage && !profileFound && serialized.length === 0) {
-  return Astro.redirect('/workflows/');
+  return new Response(null, {
+    status: 404,
+    statusText: 'Not Found',
+  });
 }
 
 const canonicalUrl = absoluteUrl(`/workflows/${slugParam}/`);
