nic-6443 commented on code in PR #13634:
URL: https://github.com/apache/apisix/pull/13634#discussion_r3498181977


##########
apisix/plugins/ai-prompt-guard.lua:
##########
@@ -97,6 +97,24 @@ local function get_content_to_check(conf, messages)
 end
 
 
+-- Flatten a single message's content into `content`. OpenAI Chat allows 
content
+-- to be either a plain string or an array of typed parts (e.g.
+-- {type = "text", text = "..."}), so collect the text parts instead of 
inserting
+-- the table as-is, which would later break table.concat.
+local function append_message_text(content, msg)
+    if type(msg.content) == "string" then
+        core.table.insert(content, msg.content)
+    elseif type(msg.content) == "table" then
+        for _, part in ipairs(msg.content) do
+            if type(part) == "table" and part.type == "text"
+                    and type(part.text) == "string" then
+                core.table.insert(content, part.text)
+            end
+        end
+    end
+end

Review Comment:
   Thanks, but I don't think a guard belongs here. A string element doesn't 
actually raise — Lua resolves `("..."):content` to `nil` through the string 
metatable, so it's just skipped (verified locally). A bare number/boolean 
element would raise, but that isn't new in this PR: the previous code already 
did `msg.content`, and the role filter right above does `msg.role` on each 
element, so a non-table element was indexed exactly the same way before. Since 
the `match_all_roles=false` path reaches `msg.role` first, adding a guard only 
to this helper wouldn't prevent that crash anyway.
   
   So handling malformed (non-table) message elements is a separate, 
pre-existing concern from the structured-content shapes this PR fixes — I'd 
keep it out of scope here.
   



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to