From 7b13780c54aef09a2ed1fe35325100a652100cb7 Mon Sep 17 00:00:00 2001 From: LEdoian Date: Mon, 26 Oct 2020 14:55:21 +0100 Subject: Check status codes that profile handler returns (#8580) Fixes #8520 Signed-off-by: Pavel Turinsky Co-authored-by: Erik Johnston --- changelog.d/8580.bugfix | 1 + synapse/handlers/profile.py | 7 +++++++ 2 files changed, 8 insertions(+) create mode 100644 changelog.d/8580.bugfix diff --git a/changelog.d/8580.bugfix b/changelog.d/8580.bugfix new file mode 100644 index 0000000000..31734fd97d --- /dev/null +++ b/changelog.d/8580.bugfix @@ -0,0 +1 @@ +Fix a bug where Synapse would blindly forward bad responses from federation to clients when retrieving profile information. diff --git a/synapse/handlers/profile.py b/synapse/handlers/profile.py index da5692e03e..3875e53c08 100644 --- a/synapse/handlers/profile.py +++ b/synapse/handlers/profile.py @@ -98,6 +98,13 @@ class ProfileHandler(BaseHandler): except RequestSendFailed as e: raise SynapseError(502, "Failed to fetch profile") from e except HttpResponseException as e: + if e.code < 500 and e.code != 404: + # Other codes are not allowed in c2s API + logger.info( + "Server replied with wrong response: %s %s", e.code, e.msg + ) + + raise SynapseError(502, "Failed to fetch profile") raise e.to_synapse_error() async def get_profile_from_cache(self, user_id: str) -> JsonDict: -- cgit 1.4.1