From 56c42b5cc5f2932740eaf231d06472ddadb29bf1 Mon Sep 17 00:00:00 2001
From: Andrew Kuny
Date: Wed, 21 Jan 2026 15:20:04 -0500
Subject: [PATCH] 1659: sanitize pagination inputs before passing back to user

---
 apps/api/src/website/website.controller.ts | 17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)

diff --git a/apps/api/src/website/website.controller.ts b/apps/api/src/website/website.controller.ts
index 6d9249a8..1c6c1516 100644
--- a/apps/api/src/website/website.controller.ts
+++ b/apps/api/src/website/website.controller.ts
@@ -34,15 +34,24 @@ export class WebsiteController {
 type: PaginatedWebsiteResponseDto,
 })
 @ApiInternalServerErrorResponse({
- // This decorator is For OpenAPI/Swagger documentation
+ // This decorator is For OpenAPI/Swagger documentation.
 description: 'This response type indicates an internal error.',
 })
 async getResults(@Query() query: FilterWebsiteDto) {
+ // Ensure pagination values are safe integers within expected bounds to
+ // prevent passing unsanitized user input downstream.
+ const safePage = Math.max(1, Math.floor(Number(query.page) || 1));
+ const safeLimit = Math.min(
+ 100,
+ Math.max(1, Math.floor(Number(query.limit) || 10)),
+ );
+
 const websites = await this.websiteService.paginatedFilter(query, {
- page: query.page,
- limit: query.limit,
+ page: safePage,
+ limit: safeLimit,
 route: `/${WEBSITE_ROUTE_NAME}`,
 });
+
 return websites;
 }
 
@@ -61,7 +70,7 @@ export class WebsiteController {
 'This response indicated that there is no matching `target_url` in the database',
 })
 @ApiInternalServerErrorResponse({
- // This decorator is For OpenAPI/Swagger documentation
+ // This decorator is For OpenAPI/Swagger documentation.
 description: 'This response type indicates an internal error.',
 })
 async getResultByUrl(@Param('url') url: string) {
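Review bot: The `safePage` clamp in getResults does not produce a "safe integer" as its comment claims, because `Math.max(1, Math.floor(...))` has no upper bound: a request with `?page=Infinity` yields `Number("Infinity") === Infinity`, which survives `||`, `Math.floor` and `Math.max` unchanged, and `?page=1e308` likewise passes a non-safe-integer page through to `paginatedFilter` (`safeLimit` is fine, since `Math.min(100, …)` caps it). Replace the page line with an explicit integer check, `const pageNum = Number(query.page);` followed by `const safePage = Number.isSafeInteger(pageNum) && pageNum >= 1 ? pageNum : 1;`, or at least add `Number.isFinite` before flooring. Note also that the raw `query` object, including its original `page`/`limit`, is still passed as the first argument to `paginatedFilter`; if the service reads pagination from the DTO rather than the options object (not visible here), the sanitized values are bypassed, so worth confirming. Since out-of-range values are silently rewritten rather than rejected with 400, a one-line comment stating that clamped values are echoed back in the response would help callers understand the behaviour. The enclosing WebsiteController class starts and ends outside this hunk.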