This repository has been archived by the owner on Apr 26, 2024. It is now read-only.
Synapse accepts /join and /leave with empty JSON bodies when it shouldn't
#16367
Labels
A-Spec-Compliance
places where synapse does not conform to the spec
Comments
reivilibre
added
the
A-Spec-Compliance
|
Duplicate #13388? I think we used to have these warnings, but I turned them off because the log spam was irritating: #14600 Rich politely pointed out this means we don't know how many clients are omitting the request bodies. We could revert that PR? |
|
Yeah, this is a duplicate |
Looks like #16365 attempts to do this? |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Like all PUT and POST requests other than the media ones (and /logout...),
/join,/leaveand likely others are supposed to take a JSON body, e.g. {} if nothing special is required. Currently Synapse as at v1.92.3 does not require this.Unlike for
/forget(#16366), I haven't added warnings for these as it's clear the issue is more widespread and I don't have time to descend into an endless rabbit hole here.We should see if any clients are hitting this and then a future version should cut this off completely (or maybe we end up giving up and specifying that these can have no bodies...)
The text was updated successfully, but these errors were encountered: