summary refs log tree commit diff
path: root/synapse/rest/client
diff options
context:
space:
mode:
authorDaniel Wagner-Hall <dawagner@gmail.com>2016-02-24 08:50:28 +0000
committerDaniel Wagner-Hall <dawagner@gmail.com>2016-02-24 08:50:28 +0000
commit869580206daa5aa940d079fc907f75dea7770505 (patch)
treee5320a37ed78d23732dad9d3d1ccc5ddc8800d5f /synapse/rest/client
parentMerge pull request #603 from matrix-org/erikj/presence (diff)
downloadsynapse-869580206daa5aa940d079fc907f75dea7770505.tar.xz
Ignore invalid POST bodies when joining rooms
Diffstat (limited to 'synapse/rest/client')
-rw-r--r--synapse/rest/client/v1/room.py14
1 files changed, 12 insertions, 2 deletions
diff --git a/synapse/rest/client/v1/room.py b/synapse/rest/client/v1/room.py
index 07a2a5dd82..f5ed4f7302 100644
--- a/synapse/rest/client/v1/room.py
+++ b/synapse/rest/client/v1/room.py
@@ -228,7 +228,12 @@ class JoinRoomAliasServlet(ClientV1RestServlet):
             allow_guest=True,
         )
 
-        content = _parse_json(request)
+        try:
+            content = _parse_json(request)
+        except:
+            # Turns out we used to ignore the body entirely, and some clients
+            # cheekily send invalid bodies.
+            content = {}
 
         if RoomID.is_valid(room_identifier):
             room_id = room_identifier
@@ -427,7 +432,12 @@ class RoomMembershipRestServlet(ClientV1RestServlet):
         }:
             raise AuthError(403, "Guest access not allowed")
 
-        content = _parse_json(request)
+        try:
+            content = _parse_json(request)
+        except:
+            # Turns out we used to ignore the body entirely, and some clients
+            # cheekily send invalid bodies.
+            content = {}
 
         if membership_action == "invite" and self._has_3pid_invite_keys(content):
             yield self.handlers.room_member_handler.do_3pid_invite(