diff --git a/web/src/billing/helpers.ts b/web/src/billing/helpers.ts
index 2d975e9e36..863acd5dae 100644
--- a/web/src/billing/helpers.ts
+++ b/web/src/billing/helpers.ts
@@ -97,17 +97,18 @@ export function create_ajax_request(
         },
         error(xhr) {
             $(form_loading).hide();
-            if (xhr.responseJSON?.msg) {
-                $(form_error).show().text(xhr.responseJSON.msg);
+            const parsed = z.object({msg: z.string()}).safeParse(xhr.responseJSON);
+            if (parsed.success) {
+                $(form_error).show().text(parsed.data.msg);
             }
             $(form_input_section).show();
             error_callback(xhr);
 
             if (xhr.status === 401) {
                 // User session timed out, we need to login again.
-                const login_url = JSON.parse(xhr.responseText)?.login_url;
-                if (login_url !== undefined) {
-                    window.location.href = login_url;
+                const parsed = z.object({login_url: z.string()}).safeParse(xhr.responseJSON);
+                if (parsed.success) {
+                    window.location.href = parsed.data.login_url;
                 }
             }
         },