Do not log body not consumed errors for http verbs that should not have a body

Question

Do not log body not consumed errors for http verbs that should not have a body

GabrielCappelli opened this issue a year ago · comments

Is there an existing issue for this?

I have searched the existing issues

Is your feature request related to a problem? Please describe.

We have clients outside our control that send GET requests with http body. We dont care about the body in those requests (in fact, they shouldn't be sending it at all). But Sanic is logging it as an error and causing our logs to be polluted.

Describe the solution you'd like

We would like for this to not be logged for HTTP verbs that should not have a body (GET, DELETE, OPTIONS, etc)

Additional context

No response

Adam Hopkins · Answer 1 · Thu Feb 16 2023 02:08:45 GMT+0800 (China Standard Time)

It is precisely the use case to let you know that it is happening. Otherwise you would never know. We could look into changing the log level though, or adding some other way to silence them. But, in general, removing of the message for those methods would be counter to the message existing and would otherwise make some debugging very hard.

Ivan ROGER · Answer 2 · Tue Feb 13 2024 01:07:16 GMT+0800 (China Standard Time)

I came across a similar issue and I believe it fit here. If not I can open a new issue.

The default http check from HAProxy performs a request that looks like this :

GET /health HTTP/1.0
content-length: 0

When presented with such a request sanic logs an error in the form of : [sanic.error] <Request: GET /health> body not consumed.

The issue here is with the content-length header being sent for a GET request that should not contain a payload.

Even though the value is 0 Sanic seems to believe the request has a payload.

The RFCs are not clear as to whether it is actually allowed or forbidden to send this header for GET requests :

Nevertheless I believe that in this specific case (A Content-Length header with a value of 0 for a request that isn't expecting a payload) the error could be silently ignored (do not log the body not consumed message)

Adam Hopkins · Answer 3 · Mon Apr 01 2024 21:49:09 GMT+0800 (China Standard Time)

I still believe this is the correct behavior. Sanic should notify, and if you know you get requests like this, it can be silenced by accepting on these routes. See comment here: #2915 (comment)