fix(router-core): avoid null bytes in dehydrated SSR match ids

[VihaanAgarwal]

Summary

dehydrateSsrMatchId encodes match IDs for the SSR hydration payload by replacing / with \0. That encoding came from #6739, so the dehydrated ids stop looking like relative URLs that crawlers pick up as phantom pages.

The catch is that U+0000 is forbidden in the HTML input stream (the control-character-in-input-stream parse error in the HTML spec). The dehydrated ids are inlined into the $tsr-stream-barrier <script>, so every SSR response ends up with raw null bytes and fails markup validation. validator.w3.org reports Saw U+0000 in stream (#7581). It only works in browsers today because the parser silently rewrites those null bytes to U+FFFD, which is exactly why hydrateSsrMatchId already carries a � -> / fallback.

This swaps the delimiter from \0 to � (U+FFFD REPLACEMENT CHARACTER):

• it still contains no /, so the SSR dehydrated match IDs are URL-shaped strings — Google crawls them as phantom URLs #6739 crawler fix holds
• U+FFFD is a valid HTML character, so the payload validates and the delimiter survives transport intact instead of depending on the parser to mangle it
• hydrateSsrMatchId already decodes � -> /, so the client side needs no change

The existing \0 -> / decode branch is left in place so any payload still carrying a null byte keeps round-tripping.

Testing

Added a codec test asserting the dehydrated id has no C0 control characters. It fails on main and passes with this change.

• nx run @tanstack/router-core:test:unit (39 files, 1179 passed)
• nx run @tanstack/router-core:test:types
• nx run @tanstack/router-core:test:eslint
• nx run @tanstack/router-core:build

Fixes #7581

Summary by CodeRabbit

• Bug Fixes

  • Fixed SSR match-ID encoding to use valid Unicode characters instead of null bytes, resolving HTML validator rejection issues.
  • Maintained backward compatibility with existing SSR payloads.

• Tests

  • Added comprehensive test coverage for edge cases and safety constraints in SSR match-ID encoding.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 730cf1ad-5772-4d48-9656-f50ac6c840a4

📥 Commits

Reviewing files that changed from the base of the PR and between ac821f4 and 2c29488.

📒 Files selected for processing (3)

• .changeset/ssr-match-id-null-byte.md
• packages/router-core/src/ssr/ssr-match-id.ts
• packages/router-core/tests/ssr-match-id.test.ts

---

📝 Walkthrough

Walkthrough

dehydrateSsrMatchId is updated to encode forward slashes as U+FFFD (Unicode replacement character) instead of U+0000 (null byte), eliminating invalid characters from SSR HTML payloads. hydrateSsrMatchId is left unchanged to remain backward-compatible. Two new tests and a changeset entry accompany the fix.

SSR Match-ID Null-Byte Fix

Layer / File(s)	Summary
Encoding change, tests, and changeset packages/router-core/src/ssr/ssr-match-id.ts, packages/router-core/tests/ssr-match-id.test.ts, .changeset/ssr-match-id-null-byte.md	dehydrateSsrMatchId maps / to \uFFFD instead of \0; two new tests assert backward-compat hydration of legacy null-byte payloads and confirm dehydrated output contains no C0 control characters; patch release documented in changeset.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Suggested labels

package: router-core

Suggested reviewers

• schiller-manuel

Poem

🐇 A null byte crept into my HTML stream,
The validator cried — it was quite a bad scene.
I swapped it for U+FFFD with a hop,
Now the W3 validator says: "Please don't stop!"
Valid HTML at last — what a glorious dream! ✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The PR title accurately summarizes the main change: replacing null bytes with a valid character in dehydrated SSR match IDs, directly addressing the core issue.
Linked Issues check	✅ Passed	All code changes directly implement the requirements from issue #7581: replacing U+0000 null bytes with U+FFFD replacement character in dehydrated match IDs while maintaining backward compatibility.
Out of Scope Changes check	✅ Passed	All changes are focused on the SSR match ID encoding issue. The changeset, encoder fix, and test additions are all scoped to addressing the null byte problem in HTML validation.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}