Harden default-prefix sanitization for file path errors

cursoragent · shrisukhani · cursoragent · commit 888c8a0bda21 · 2026-02-14T21:52:04.000Z
Co-authored-by: Shri Sukhani &lt;shrisukhani@users.noreply.github.com&gt;
diff --git a/hyperbrowser/client/file_utils.py b/hyperbrowser/client/file_utils.py
@@ -16,7 +16,11 @@ def _normalize_error_prefix(prefix: object, *, default_prefix: str) -> str:
         normalized_default_prefix = _DEFAULT_OPEN_ERROR_MESSAGE_PREFIX
     else:
         try:
-            stripped_default_prefix = normalized_default_prefix.strip()
+            sanitized_default_prefix = "".join(
+                "?" if ord(character) < 32 or ord(character) == 127 else character
+                for character in normalized_default_prefix
+            )
+            stripped_default_prefix = sanitized_default_prefix.strip()
         except Exception:
             stripped_default_prefix = _DEFAULT_OPEN_ERROR_MESSAGE_PREFIX
         if not is_plain_string(stripped_default_prefix) or not stripped_default_prefix:
diff --git a/tests/test_file_path_display_helper_usage.py b/tests/test_file_path_display_helper_usage.py
@@ -15,6 +15,7 @@ def test_file_path_error_messages_use_shared_display_helper():
     for module_path in FILE_PATH_DISPLAY_MODULES:
         module_text = Path(module_path).read_text(encoding="utf-8")
         assert "build_file_path_error_message(" in module_text
+        assert "default_prefix=" in module_text
         assert "format_file_path_for_error(" not in module_text
         assert 'missing_file_message=f"' not in module_text
         assert 'not_file_message=f"' not in module_text
diff --git a/tests/test_file_utils.py b/tests/test_file_utils.py
@@ -371,6 +371,16 @@ def test_build_file_path_error_message_uses_open_default_when_default_prefix_inv
     assert message == "Failed to open file at path: /tmp/path.txt"
 
 
+def test_build_file_path_error_message_sanitizes_default_prefix_when_prefix_invalid():
+    message = build_file_path_error_message(
+        "/tmp/path.txt",
+        prefix=123,  # type: ignore[arg-type]
+        default_prefix="Custom\tdefault",
+    )
+
+    assert message == "Custom?default: /tmp/path.txt"
+
+
 def test_build_open_file_error_message_uses_default_prefix_for_non_string():
     message = build_open_file_error_message(
         "/tmp/path.txt",
