Sanitize APIResponse model and key display diagnostics

cursoragent · shrisukhani · cursoragent · commit 7b517dd1ce6e · 2026-02-13T19:47:53.000Z
Co-authored-by: Shri Sukhani &lt;shrisukhani@users.noreply.github.com&gt;
diff --git a/hyperbrowser/transport/base.py b/hyperbrowser/transport/base.py
@@ -5,6 +5,24 @@
 from hyperbrowser.exceptions import HyperbrowserError
 
 T = TypeVar("T")
+_TRUNCATED_DISPLAY_SUFFIX = "... (truncated)"
+_MAX_MODEL_NAME_DISPLAY_LENGTH = 120
+_MAX_MAPPING_KEY_DISPLAY_LENGTH = 120
+
+
+def _sanitize_display_text(value: str, *, max_length: int) -> str:
+    sanitized_value = "".join(
+        "?" if ord(character) < 32 or ord(character) == 127 else character
+        for character in value
+    ).strip()
+    if not sanitized_value:
+        return ""
+    if len(sanitized_value) <= max_length:
+        return sanitized_value
+    available_length = max_length - len(_TRUNCATED_DISPLAY_SUFFIX)
+    if available_length <= 0:
+        return _TRUNCATED_DISPLAY_SUFFIX
+    return f"{sanitized_value[:available_length]}{_TRUNCATED_DISPLAY_SUFFIX}"
 
 
 def _safe_model_name(model: object) -> str:
@@ -14,12 +32,23 @@ def _safe_model_name(model: object) -> str:
         return "response model"
     if not isinstance(model_name, str):
         return "response model"
-    normalized_model_name = model_name.strip()
+    normalized_model_name = _sanitize_display_text(
+        model_name, max_length=_MAX_MODEL_NAME_DISPLAY_LENGTH
+    )
     if not normalized_model_name:
         return "response model"
     return normalized_model_name
 
 
+def _format_mapping_key_for_error(key: str) -> str:
+    normalized_key = _sanitize_display_text(
+        key, max_length=_MAX_MAPPING_KEY_DISPLAY_LENGTH
+    )
+    if normalized_key:
+        return normalized_key
+    return "<blank key>"
+
+
 class APIResponse(Generic[T]):
     """
     Wrapper for API responses to standardize sync/async handling.
@@ -66,9 +95,10 @@ def from_json(
             except HyperbrowserError:
                 raise
             except Exception as exc:
+                key_display = _format_mapping_key_for_error(key)
                 raise HyperbrowserError(
                     f"Failed to parse response data for {model_name}: "
-                    f"unable to read value for key '{key}'",
+                    f"unable to read value for key '{key_display}'",
                     original_error=exc,
                 ) from exc
         try:
diff --git a/tests/test_transport_base.py b/tests/test_transport_base.py
@@ -65,6 +65,42 @@ def __call__(self, **kwargs):
         raise RuntimeError("call failed")
 
 
+class _LongControlNameCallableModel:
+    __name__ = "  Model\t" + ("x" * 200)
+
+    def __call__(self, **kwargs):
+        _ = kwargs
+        raise RuntimeError("call failed")
+
+
+class _BrokenBlankKeyValueMapping(Mapping[str, object]):
+    def __iter__(self):
+        return iter(["   "])
+
+    def __len__(self) -> int:
+        return 1
+
+    def __getitem__(self, key: str) -> object:
+        if key == "   ":
+            raise RuntimeError("cannot read blank key value")
+        raise KeyError(key)
+
+
+class _BrokenLongKeyValueMapping(Mapping[str, object]):
+    _KEY = "bad\t" + ("k" * 200)
+
+    def __iter__(self):
+        return iter([self._KEY])
+
+    def __len__(self) -> int:
+        return 1
+
+    def __getitem__(self, key: str) -> object:
+        if key == self._KEY:
+            raise RuntimeError("cannot read long key value")
+        raise KeyError(key)
+
+
 def test_api_response_from_json_parses_model_data() -> None:
     response = APIResponse.from_json(
         {"name": "job-1", "retries": 2}, _SampleResponseModel
@@ -159,6 +195,39 @@ def test_api_response_from_json_uses_default_name_for_blank_model_name() -> None
         )
 
 
+def test_api_response_from_json_sanitizes_and_truncates_model_name_in_errors() -> None:
+    with pytest.raises(
+        HyperbrowserError,
+        match=r"Failed to parse response data for Model\?x+\.\.\. \(truncated\)",
+    ):
+        APIResponse.from_json(
+            {"name": "job-1"},
+            cast("type[_SampleResponseModel]", _LongControlNameCallableModel()),
+        )
+
+
+def test_api_response_from_json_uses_placeholder_for_blank_mapping_key_in_errors() -> None:
+    with pytest.raises(
+        HyperbrowserError,
+        match=(
+            "Failed to parse response data for _SampleResponseModel: "
+            "unable to read value for key '<blank key>'"
+        ),
+    ):
+        APIResponse.from_json(_BrokenBlankKeyValueMapping(), _SampleResponseModel)
+
+
+def test_api_response_from_json_sanitizes_and_truncates_mapping_keys_in_errors() -> None:
+    with pytest.raises(
+        HyperbrowserError,
+        match=(
+            "Failed to parse response data for _SampleResponseModel: "
+            r"unable to read value for key 'bad\?k+\.\.\. \(truncated\)'"
+        ),
+    ):
+        APIResponse.from_json(_BrokenLongKeyValueMapping(), _SampleResponseModel)
+
+
 def test_api_response_from_json_preserves_hyperbrowser_errors() -> None:
     with pytest.raises(HyperbrowserError, match="model validation failed") as exc_info:
         APIResponse.from_json({}, _RaisesHyperbrowserModel)
