fix: replace internal redirects with 404 responses across workflow pages and block .json path access

balpreetgrowthnatives · balpreetgrowthnatives · commit b89f1aef20e0 · 2026-06-15T17:26:58.000+05:30
diff --git a/site/src/pages/[locale]/workflows/[slug].astro b/site/src/pages/[locale]/workflows/[slug].astro
@@ -35,6 +35,13 @@ Astro.response.headers.set('CDN-Cache-Control', 'public, max-age=60, stale-while
 
 const { locale, slug } = Astro.params;
 
+if (Astro.url.pathname.endsWith('.json/')) {
+  return new Response(null, {
+    status: 404,
+    statusText: 'Not Found',
+  });
+}
+
 // Validate locale
 if (!locale || !LOCALES.includes(locale as Locale) || locale === DEFAULT_LOCALE) {
   return Astro.redirect('/workflows/');
@@ -60,8 +67,18 @@ if (detailShareId) {
     const is404 = err instanceof Error && err.message.includes('404');
     if (!is404) {
       console.error('Hub API error on ISR detail:', err);
+      return new Response(null, {
+        status: 502,
+        statusText: 'Bad Gateway',
+        headers: {
+          'CDN-Cache-Control': 'no-store',
+        },
+      });
     }
-    return Astro.redirect(`/${locale}/workflows/`);
+    return new Response(null, {
+      status: 404,
+      statusText: 'Not Found',
+    });
   }
 }
 
@@ -116,21 +133,34 @@ try {
 // Fetch workflows for this creator from index
 const profiles = await getProfileCache();
 let serialized: SerializedTemplate[] = [];
+let indexFetchFailed = false;
 
 try {
   const entries = await listWorkflowIndex();
   const filtered = entries.filter((e) => (e.profile?.username || e.username) === slug);
   serialized = filtered.map((e) => serializeIndexEntry(e, profiles));
 } catch (err) {
+  indexFetchFailed = true;
   console.error('Hub API failed for creator grid:', err);
-  // Index API failed — show empty grid
 }
 
 // Slug is bogus (e.g. "undefined" or a malformed "<name>-" suffix from a broken
 // link): no profile and no workflows — redirect instead of rendering a page
 // that would title itself "<slug> (@<slug>)" and get indexed by Google.
 if (!isDetailPage && !profileFound && serialized.length === 0) {
-  return Astro.redirect(`/${locale}/workflows/`);
+  if (indexFetchFailed) {
+    return new Response(null, {
+      status: 502,
+      statusText: 'Bad Gateway',
+      headers: {
+        'CDN-Cache-Control': 'no-store',
+      },
+    });
+  }
+  return new Response(null, {
+    status: 404,
+    statusText: 'Not Found',
+  });
 }
 
 const canonicalUrl = absoluteUrl(`/workflows/${slug}/`);
diff --git a/site/src/pages/[locale]/workflows/category/[type].astro b/site/src/pages/[locale]/workflows/category/[type].astro
@@ -18,7 +18,7 @@ import { localizeUrl } from '../../../../i18n/utils';
 import { SITE_ORIGIN, absoluteUrl } from '../../../../config/site';
 import { categoryPath } from '../../../../lib/routes';
 import { badgeVariants } from '../../../../components/ui/badge';
-import { loadSerializedTemplates, type SerializedTemplate, type MediaType } from '../../../../lib/hub-api';
+import { loadSerializedTemplates, type MediaType } from '../../../../lib/hub-api';
 
 const validTypes: MediaType[] = ['image', 'video', 'audio', '3d'];
 
@@ -31,14 +31,24 @@ const categoryTranslationKeys: Record<MediaType, string> = {
 
 const { locale, type } = Astro.params;
 
+if (Astro.url.pathname.endsWith('.json/')) {
+  return new Response(null, {
+    status: 404,
+    statusText: 'Not Found',
+  });
+}
+
 // Validate locale
 if (!locale || !LOCALES.includes(locale as Locale) || locale === DEFAULT_LOCALE) {
   return Astro.redirect(`/workflows/category/${type || ''}/`);
 }
 
 // Validate type
 if (!type || !validTypes.includes(type as MediaType)) {
-  return Astro.redirect(`/${locale}/workflows/`);
+  return new Response(null, {
+    status: 404,
+    statusText: 'Not Found',
+  });
 }
 
 const typedLocale = locale as Locale;
@@ -51,6 +61,13 @@ const description = t('meta.description', typedLocale);
 const allSerialized = await loadSerializedTemplates(() => getCollection('templates'));
 const templates = allSerialized.filter((tmpl) => tmpl.mediaType === mediaType);
 
+if (templates.length === 0) {
+  return new Response(null, {
+    status: 404,
+    statusText: 'Not Found',
+  });
+}
+
 const basePath = categoryPath(mediaType);
 const canonicalUrl = absoluteUrl(localizeUrl(basePath, typedLocale));
 
diff --git a/site/src/pages/[locale]/workflows/model/[name].astro b/site/src/pages/[locale]/workflows/model/[name].astro
@@ -19,10 +19,17 @@ import { slugify } from '../../../../lib/slugify';
 import { SITE_ORIGIN, absoluteUrl } from '../../../../config/site';
 import { modelPath } from '../../../../lib/routes';
 import { badgeVariants } from '../../../../components/ui/badge';
-import { loadSerializedTemplates, type SerializedTemplate } from '../../../../lib/hub-api';
+import { loadSerializedTemplates } from '../../../../lib/hub-api';
 
 const { locale, name } = Astro.params;
 
+if (Astro.url.pathname.endsWith('.json/')) {
+  return new Response(null, {
+    status: 404,
+    statusText: 'Not Found',
+  });
+}
+
 // Validate locale
 if (!locale || !LOCALES.includes(locale as Locale) || locale === DEFAULT_LOCALE) {
   return Astro.redirect(`/workflows/model/${name || ''}/`);
@@ -38,7 +45,10 @@ const matchingTemplates = allTemplates.filter((tmpl) =>
 );
 
 if (matchingTemplates.length === 0) {
-  return Astro.redirect(`/${locale}/workflows/`);
+  return new Response(null, {
+    status: 404,
+    statusText: 'Not Found',
+  });
 }
 
 // Get display name from the first matching model
diff --git a/site/src/pages/[locale]/workflows/tag/[tag].astro b/site/src/pages/[locale]/workflows/tag/[tag].astro
@@ -18,10 +18,17 @@ import { localizeUrl } from '../../../../i18n/utils';
 import { tagSlug, tagDisplayName } from '../../../../lib/tag-aliases';
 import { SITE_ORIGIN, absoluteUrl } from '../../../../config/site';
 import { badgeVariants } from '../../../../components/ui/badge';
-import { loadSerializedTemplates, type SerializedTemplate } from '../../../../lib/hub-api';
+import { loadSerializedTemplates } from '../../../../lib/hub-api';
 
 const { locale, tag } = Astro.params;
 
+if (Astro.url.pathname.endsWith('.json/')) {
+  return new Response(null, {
+    status: 404,
+    statusText: 'Not Found',
+  });
+}
+
 // Validate locale
 if (!locale || !LOCALES.includes(locale as Locale) || locale === DEFAULT_LOCALE) {
   return Astro.redirect(`/workflows/tag/${tag || ''}/`);
@@ -37,7 +44,10 @@ const matchingTemplates = allTemplates.filter((tmpl) =>
 );
 
 if (matchingTemplates.length === 0) {
-  return Astro.redirect(`/${locale}/workflows/`);
+  return new Response(null, {
+    status: 404,
+    statusText: 'Not Found',
+  });
 }
 
 // Get display name from the first matching tag
diff --git a/site/src/pages/workflows/[username].astro b/site/src/pages/workflows/[username].astro
@@ -31,6 +31,13 @@ Astro.response.headers.set(
 const { username: slugParam } = Astro.params;
 const locale = getLocaleFromPath(Astro.url.pathname);
 
+if (Astro.url.pathname.endsWith('.json/')) {
+  return new Response(null, {
+    status: 404,
+    statusText: 'Not Found',
+  });
+}
+
 if (!slugParam) {
   return Astro.redirect('/workflows/');
 }
@@ -49,8 +56,18 @@ if (detailShareId) {
     const is404 = err instanceof Error && err.message.includes('404');
     if (!is404) {
       console.error('Hub API error on ISR detail:', err);
+      return new Response(null, {
+        status: 502,
+        statusText: 'Bad Gateway',
+        headers: {
+          'CDN-Cache-Control': 'no-store',
+        },
+      });
     }
-    return Astro.redirect('/workflows/');
+    return new Response(null, {
+      status: 404,
+      statusText: 'Not Found',
+    });
   }
 }
 
@@ -83,21 +100,35 @@ try {
 // Fetch workflows for this creator from index
 const profiles = await getProfileCache();
 let serialized: SerializedTemplate[] = [];
+let indexFetchFailed = false;
 
 try {
   const entries = await listWorkflowIndex();
   const filtered = entries.filter((e) => (e.profile?.username || e.username) === slugParam);
   serialized = filtered.map((e) => serializeIndexEntry(e, profiles));
-} catch {
-  // Index API failed — show empty grid
+} catch (err) {
+  indexFetchFailed = true;
+  console.error('Hub API failed for creator grid:', err);
 }
 
 // Slug is bogus (e.g. "undefined" or a malformed "<name>-" suffix from a broken
 // link): not a workflow detail, no profile, and no workflows — redirect instead
 // of rendering a page that would title itself "<slug> (@<slug>)" and get
 // indexed by Google.
 if (!isDetailPage && !profileFound && serialized.length === 0) {
-  return Astro.redirect('/workflows/');
+  if (indexFetchFailed) {
+    return new Response(null, {
+      status: 502,
+      statusText: 'Bad Gateway',
+      headers: {
+        'CDN-Cache-Control': 'no-store',
+      },
+    });
+  }
+  return new Response(null, {
+    status: 404,
+    statusText: 'Not Found',
+  });
 }
 
 const canonicalUrl = absoluteUrl(`/workflows/${slugParam}/`);
