From dd59f1ecbf861cf23d6b3497cddb4b7d352c11ee Mon Sep 17 00:00:00 2001
From: Richard van der Hoff <richard@matrix.org>
Date: Tue, 26 Jul 2022 11:14:05 +0100
Subject: Log when we get an invalid body on certain CS-API requests

Some endpoints currently accept an invalid JSON object in the request body,
which we should stop. As a starting point, let's log when it happens so that we
can fix it.
---
 synapse/rest/client/room.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'synapse/rest/client/room.py')

diff --git a/synapse/rest/client/room.py b/synapse/rest/client/room.py
index 2f513164cb..42a2c72b81 100644
--- a/synapse/rest/client/room.py
+++ b/synapse/rest/client/room.py
@@ -319,9 +319,10 @@ class JoinRoomAliasServlet(ResolveRoomIdMixin, TransactionRestServlet):
 
         try:
             content = parse_json_object_from_request(request)
-        except Exception:
+        except Exception as e:
             # Turns out we used to ignore the body entirely, and some clients
             # cheekily send invalid bodies.
+            logger.warning("Ignoring invalid body on POST %s: %s", request.path, e)
             content = {}
 
         # twisted.web.server.Request.args is incorrectly defined as Optional[Any]
@@ -855,9 +856,10 @@ class RoomMembershipRestServlet(TransactionRestServlet):
 
         try:
             content = parse_json_object_from_request(request)
-        except Exception:
+        except Exception as e:
             # Turns out we used to ignore the body entirely, and some clients
             # cheekily send invalid bodies.
+            logger.warning("Ignoring invalid body on POST %s: %s", request.path, e)
             content = {}
 
         if membership_action == "invite" and self._has_3pid_invite_keys(content):
-- 
cgit 1.5.1