core icon indicating copy to clipboard operation
core copied to clipboard
verified publisher icon api-platform

Invalid submitted json is reported as server error

Open rimas-kudelis opened this issue 3 years ago • 0 comments

API Platform version(s) affected: 2.6.8

Description
When invalid JSON is being submitted to a POST endpoint, a 500 status code is being returned even though invalid input is a user error, not that of the server. A proper status code for this case would be 400, I think.

How to reproduce
Submit intentionally broken JSON body to a POST endpoint, e.g., without a closing brace.

For a quick demo:

  1. Open https://demo.sylius.com/api/v2/.
  2. Find the group of requests named "Customer".
  3. Expand the POST endpoint
  4. paste the following body and submit the request: 
    {
  "firstName": "John",
  "lastName": "Doe",
  "email": "[email protected]",
  "password": "Password",
  "subscribedToNewsletter": true
  5. Note that you get a 500 server error. If you add the missing brace, you'll get an expected response code (204 or 422).

rimas-kudelis avatar Apr 05 '22 13:04 rimas-kudelis