prettyJSON throws on invalid query parameters #3952

lincolnremi opened this issue Feb 24, 2025 · 1 comment

@lincolnremi

What version of Hono are you using?

4.7.2

What runtime/platform is your app running on? (with version if possible)

NodeJS v20.16.0

What steps can reproduce the bug?

prettyJSON calls HonoRequest.query() without a try clause, so when an invalid query parameter is passed, it throws the URIError: URI Malformed error.

Here is the code:

import { serve } from '@hono/node-server'
import { Hono } from 'hono'
import { prettyJSON } from "hono/pretty-json";

const app = new Hono()
app.use("*", prettyJSON());

app.get('/', (c) => {
  return c.text('Hello Hono!')
})

serve({
  fetch: app.fetch,
  port: 3000
}, (info) => {
  console.log(`Server is running on http://localhost:${info.port}`)
})

This code was obtained by running npm create hono@latest and adding two lines for importing and using prettyJSON.

What is the expected behavior?

It should not throw an error

What do you see instead?

Making requests to the server throws the error as follows:

lincolnbergeson@Lincolns-MacBook-Pro-2 ~ % curl 'localhost:3000'
Hello Hono!%
lincolnbergeson@Lincolns-MacBook-Pro-2 ~ % curl 'localhost:3000?%E0%A4%A'
Internal Server Error%

And the server logs:

Server is running on http://localhost:3000
URIError: URI malformed
    at decodeURIComponent (<anonymous>)
    at _decodeURI (file:///Users/lincolnbergeson/Documents/GitHub/hono-demo/node_modules/hono/dist/utils/url.js:132:38)
    at _getQueryParam (file:///Users/lincolnbergeson/Documents/GitHub/hono-demo/node_modules/hono/dist/utils/url.js:171:14)
    at HonoRequest.query (file:///Users/lincolnbergeson/Documents/GitHub/hono-demo/node_modules/hono/dist/request.js:41:12)
    at prettyJSON2 (file:///Users/lincolnbergeson/Documents/GitHub/hono-demo/node_modules/hono/dist/middleware/pretty-json/index.js:5:26)
    at dispatch (file:///Users/lincolnbergeson/Documents/GitHub/hono-demo/node_modules/hono/dist/compose.js:22:23)
    at file:///Users/lincolnbergeson/Documents/GitHub/hono-demo/node_modules/hono/dist/compose.js:5:12
    at file:///Users/lincolnbergeson/Documents/GitHub/hono-demo/node_modules/hono/dist/hono-base.js:195:31
    at #dispatch (file:///Users/lincolnbergeson/Documents/GitHub/hono-demo/node_modules/hono/dist/hono-base.js:205:7)
    at fetch (file:///Users/lincolnbergeson/Documents/GitHub/hono-demo/node_modules/hono/dist/hono-base.js:208:26)

Additional information

No response
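
The failure reported above, with one tolerant way to read the parameter, as an added example that is not part of the original issue and is not Hono's code. The names `decodeQueryValue`, `getQueryParam` and `wantsPretty` are hypothetical, and falling back to the raw text on malformed input is an assumed policy (rejecting the request with a 400 is the other common choice).

```javascript
// Added example, not Hono's implementation. All function names are hypothetical.

// Decode one query component. decodeURIComponent throws URIError on a
// truncated or invalid percent sequence, so fall back to the raw text
// instead of letting the exception reach the request pipeline.
function decodeQueryValue(raw) {
  const spaced = raw.replace(/\+/g, ' ')
  try {
    return decodeURIComponent(spaced)
  } catch (e) {
    if (e instanceof URIError) return spaced
    throw e
  }
}

// Return the first value for `key` in the URL's query string, or undefined.
function getQueryParam(url, key) {
  const q = url.indexOf('?')
  if (q === -1) return undefined
  const query = url.slice(q + 1).split('#')[0]
  for (const pair of query.split('&')) {
    if (pair === '') continue
    const eq = pair.indexOf('=')
    const name = decodeQueryValue(eq === -1 ? pair : pair.slice(0, eq))
    if (name === key) return eq === -1 ? '' : decodeQueryValue(pair.slice(eq + 1))
  }
  return undefined
}

// Same rule as the middleware line quoted in the issue: the parameter is
// present with a non-empty value, or present and empty (?pretty).
function wantsPretty(url, key = 'pretty') {
  const v = getQueryParam(url, key)
  return Boolean(v) || v === ''
}

// Constructed sample requests; the second is the query string from the report.
const samples = [
  'http://localhost:3000/',
  'http://localhost:3000?%E0%A4%A',
  'http://localhost:3000/?pretty',
  'http://localhost:3000/?%E0%A4%A&pretty=1',
  'http://localhost:3000/?pretty=%',
]
for (const u of samples) console.log(u, '->', wantsPretty(u))
```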

@lincolnremi

This patch should work:

diff --git a/src/middleware/pretty-json/index.ts b/src/middleware/pretty-json/index.ts
index bc198e58..a5428f7d 100644
--- a/src/middleware/pretty-json/index.ts
+++ b/src/middleware/pretty-json/index.ts
@@ -40,7 +40,15 @@ interface PrettyOptions {
 export const prettyJSON = (options?: PrettyOptions): MiddlewareHandler => {
   const targetQuery = options?.query ?? 'pretty'
   return async function prettyJSON(c, next) {
-    const pretty = c.req.query(targetQuery) || c.req.query(targetQuery) === ''
+    let pretty;
+    try {
+      pretty = c.req.query(targetQuery) || c.req.query(targetQuery) === ''
+    } catch (e) {
+      // Ignore URIError caused by invalid query parameter
+      if (!(e instanceof URIError)) {
+        throw e;
+      }
+    }
     await next()
     if (pretty && c.res.headers.get('Content-Type')?.startsWith('application/json')) {
       const obj = await c.res.json()
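
Review bot: inside the added try block, `c.req.query(targetQuery)` is still evaluated twice, and `let pretty;` and `throw e;` carry trailing semicolons while the unchanged lines around them use none. Read the parameter once into a local inside the try, derive `pretty` from that value, and match the file's semicolon-free style. The catch comment says the URIError is ignored; it would help to state there that a malformed query string means the response is simply not pretty-printed, and to add a test that sends the `?%E0%A4%A` request from the report so that behaviour is pinned.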

I can put this into a PR & test if the maintainers are open to it
