summary refs log tree commit diff
diff options
context:
space:
mode:
authorRichard van der Hoff <richard@matrix.org>2022-07-26 11:14:05 +0100
committerRichard van der Hoff <richard@matrix.org>2022-07-26 11:16:47 +0100
commitdd59f1ecbf861cf23d6b3497cddb4b7d352c11ee (patch)
tree84661eeb42de5e6ae6705f4245af61ebf1a1f2b1
parentUpdate config_documentation.md (#13364) (diff)
downloadsynapse-rav/log_invalid_bodies.tar.xz
Log when we get an invalid body on certain CS-API requests github/rav/log_invalid_bodies rav/log_invalid_bodies
Some endpoints currently accept an invalid JSON object in the request body,
which we should stop. As a starting point, let's log when it happens so that we
can fix it.
-rw-r--r--changelog.d/13386.misc1
-rw-r--r--synapse/rest/client/room.py6
2 files changed, 5 insertions, 2 deletions
diff --git a/changelog.d/13386.misc b/changelog.d/13386.misc
new file mode 100644
index 0000000000..ac0d9c9c08
--- /dev/null
+++ b/changelog.d/13386.misc
@@ -0,0 +1 @@
+Log when we get an invalid request body on room membership requests.
diff --git a/synapse/rest/client/room.py b/synapse/rest/client/room.py
index 2f513164cb..42a2c72b81 100644
--- a/synapse/rest/client/room.py
+++ b/synapse/rest/client/room.py
@@ -319,9 +319,10 @@ class JoinRoomAliasServlet(ResolveRoomIdMixin, TransactionRestServlet):
 
         try:
             content = parse_json_object_from_request(request)
-        except Exception:
+        except Exception as e:
             # Turns out we used to ignore the body entirely, and some clients
             # cheekily send invalid bodies.
+            logger.warning("Ignoring invalid body on POST %s: %s", request.path, e)
             content = {}
 
         # twisted.web.server.Request.args is incorrectly defined as Optional[Any]
@@ -855,9 +856,10 @@ class RoomMembershipRestServlet(TransactionRestServlet):
 
         try:
             content = parse_json_object_from_request(request)
-        except Exception:
+        except Exception as e:
             # Turns out we used to ignore the body entirely, and some clients
             # cheekily send invalid bodies.
+            logger.warning("Ignoring invalid body on POST %s: %s", request.path, e)
             content = {}
 
         if membership_action == "invite" and self._has_3pid_invite_keys(content):