Don't parse JSON for unauthenticated requests (!101) · Merge requests · GitLab.org / Quality Department / triage-serverless · GitLab

This is an archived project. Repository and other project resources are read-only.

Rémy Coutable requested to merge dont-parse-json-for-unauthenticated-requests into master May 27, 2021

I notice the server is getting unauthenticated calls with random invalid JSON, resulting in JSON parsing errors.

I think it's better to first check that requests are authenticated before parsing their JSON payload.

Action items

When adding a new Triager, verify that it has been added to the DEFAULT_TRIAGERS in triage/triage/handler.rb in the appropriate order.
If applicable, identify the affected groups and how to communicate to them:
- /cc @person_or_group =>
- Relevant Slack channels =>
- Week-in-review

Edited May 27, 2021 by Rémy Coutable