Log when we get an invalid body on certain CS-API requests github/rav/log_invalid_bodies rav/log_invalid_bodies

Some endpoints currently accept an invalid JSON object in the request body,
which we should stop. As a starting point, let's log when it happens so that we
can fix it.

2 files changed, 5 insertions, 2 deletions

diff --git a/changelog.d/13386.misc b/changelog.d/13386.misc
new file mode 100644
index 0000000000..ac0d9c9c08
--- /dev/null
+++ b/changelog.d/13386.misc
@@ -0,0 +1 @@
+Log when we get an invalid request body on room membership requests.
diff --git a/synapse/rest/client/room.py b/synapse/rest/client/room.py
index 2f513164cb..42a2c72b81 100644
--- a/synapse/rest/client/room.py
+++ b/synapse/rest/client/room.py
@@ -319,9 +319,10 @@ class JoinRoomAliasServlet(ResolveRoomIdMixin, TransactionRestServlet):
 
         try:
             content = parse_json_object_from_request(request)
-        except Exception:
+        except Exception as e:
             # Turns out we used to ignore the body entirely, and some clients
             # cheekily send invalid bodies.
+            logger.warning("Ignoring invalid body on POST %s: %s", request.path, e)
             content = {}
 
         # twisted.web.server.Request.args is incorrectly defined as Optional[Any]
@@ -855,9 +856,10 @@ class RoomMembershipRestServlet(TransactionRestServlet):
 
         try:
             content = parse_json_object_from_request(request)
-        except Exception:
+        except Exception as e:
             # Turns out we used to ignore the body entirely, and some clients
             # cheekily send invalid bodies.
+            logger.warning("Ignoring invalid body on POST %s: %s", request.path, e)
             content = {}
 
         if membership_action == "invite" and self._has_3pid_invite_keys(content):