refactor(webhooks): drop redundant null-body branch in capped readers

waleedlatif1 · waleedlatif1 · commit e84b0c32e89b · 2026-06-15T16:53:07.000-07:00
Both capped body readers had an `if (!stream)` fallback to an uncapped
`.text()`/empty string. `readStreamToBufferWithLimit` already returns an
empty buffer for a null stream, so the branch is redundant and the
`.text()` fallback was a theoretical bypass (chunked request, no
content-length, null body). Collapse both to a single capped read.
diff --git a/apps/sim/app/api/webhooks/agentmail/route.ts b/apps/sim/app/api/webhooks/agentmail/route.ts
@@ -43,11 +43,10 @@ const AGENTMAIL_BODY_LABEL = 'AgentMail webhook body'
  */
 async function readAgentMailBody(req: Request): Promise<string> {
   assertContentLengthWithinLimit(req.headers, WEBHOOK_MAX_BODY_BYTES, AGENTMAIL_BODY_LABEL)
-  const stream = req.body
-  if (!stream) {
-    return req.text()
-  }
-  const buffer = await readStreamToBufferWithLimit(stream, {
+  // `readStreamToBufferWithLimit` returns an empty buffer for a null body, so a
+  // single capped read covers the empty-body case without an uncapped `.text()`
+  // fallback that could bypass the limit.
+  const buffer = await readStreamToBufferWithLimit(req.body, {
     maxBytes: WEBHOOK_MAX_BODY_BYTES,
     label: AGENTMAIL_BODY_LABEL,
   })
diff --git a/apps/sim/lib/webhooks/processor.ts b/apps/sim/lib/webhooks/processor.ts
@@ -87,18 +87,14 @@ export async function parseWebhookBody(
   try {
     assertContentLengthWithinLimit(request.headers, WEBHOOK_MAX_BODY_BYTES, WEBHOOK_BODY_LABEL)
 
-    const stream = request.clone().body
-    if (stream) {
-      const buffer = await readStreamToBufferWithLimit(stream, {
-        maxBytes: WEBHOOK_MAX_BODY_BYTES,
-        label: WEBHOOK_BODY_LABEL,
-      })
-      rawBody = new TextDecoder().decode(buffer)
-    } else {
-      // A null body stream means the request carries no body, so the parsed
-      // body is empty — no second clone needed.
-      rawBody = ''
-    }
+    // `readStreamToBufferWithLimit` returns an empty buffer for a null body, so
+    // this single capped read covers the empty-body case too — no branch or
+    // redundant clone, and no uncapped `.text()` fallback to bypass.
+    const buffer = await readStreamToBufferWithLimit(request.clone().body, {
+      maxBytes: WEBHOOK_MAX_BODY_BYTES,
+      label: WEBHOOK_BODY_LABEL,
+    })
+    rawBody = new TextDecoder().decode(buffer)
 
     if (!rawBody || rawBody.length === 0) {
       return { body: {}, rawBody: '' }
