From 2660a5cca11cd85951fb13e2f8093fc7ecba0c69 Mon Sep 17 00:00:00 2001 From: shun jiang Date: Wed, 4 Mar 2026 16:20:20 -0800 Subject: [PATCH] make print badinput request disabled default --- config/requestvalidation.go | 5 +++++ endpoints/openrtb2/auction.go | 14 ++++++++++---- 2 files changed, 15 insertions(+), 4 deletions(-) diff --git a/config/requestvalidation.go b/config/requestvalidation.go index 0824f4da880..5d693579083 100644 --- a/config/requestvalidation.go +++ b/config/requestvalidation.go @@ -14,6 +14,11 @@ type RequestValidation struct { IPv6PrivateNetworks []string `mapstructure:"ipv6_private_networks,flow"` IPv6PrivateNetworksParsed []net.IPNet + + // LogBadInputRequestBody enables logging of raw request body for badinput errors. + // When enabled, the raw HTTP request body will be logged even if it's not valid JSON. + // Default is false (disabled). + LogBadInputRequestBody bool `mapstructure:"log_badinput_request_body"` } // Parse converts the CIDR representation of the IPv4 and IPv6 private networks as net.IPNet structs, or returns an error if at least one is invalid. diff --git a/endpoints/openrtb2/auction.go b/endpoints/openrtb2/auction.go index a879d9c632b..4a75a709570 100644 --- a/endpoints/openrtb2/auction.go +++ b/endpoints/openrtb2/auction.go @@ -193,7 +193,7 @@ func (deps *endpointDeps) Auction(w http.ResponseWriter, r *http.Request, _ http req, impExtInfoMap, storedAuctionResponses, storedBidResponses, bidderImpReplaceImp, account, rawRequestBody, errL := deps.parseRequest(r, &labels, hookExecutor) if errortypes.ContainsFatalError(errL) { - logBadInputRequest(errL, req, rawRequestBody) + logBadInputRequest(errL, req, rawRequestBody, deps.cfg.RequestValidation.LogBadInputRequestBody) if writeError(errL, w, &labels) { return } @@ -239,7 +239,7 @@ func (deps *endpointDeps) Auction(w http.ResponseWriter, r *http.Request, _ http err := deps.setIntegrationType(req, account) if err != nil { errL = append(errL, err) - logBadInputRequest(errL, req, rawRequestBody) + logBadInputRequest(errL, req, rawRequestBody, deps.cfg.RequestValidation.LogBadInputRequestBody) writeError(errL, w, &labels) return } @@ -285,7 +285,7 @@ func (deps *endpointDeps) Auction(w http.ResponseWriter, r *http.Request, _ http rejectErr, isRejectErr := hookexecution.CastRejectErr(err) if err != nil && !isRejectErr { if errortypes.ReadCode(err) == errortypes.BadInputErrorCode { - logBadInputRequest([]error{err}, req, rawRequestBody) + logBadInputRequest([]error{err}, req, rawRequestBody, deps.cfg.RequestValidation.LogBadInputRequestBody) writeError([]error{err}, w, &labels) return } @@ -1938,7 +1938,7 @@ func setDoNotTrackImplicitly(httpReq *http.Request, r *openrtb_ext.RequestWrappe } // logBadInputRequest logs the request and errors for badinput cases -func logBadInputRequest(errs []error, req *openrtb_ext.RequestWrapper, rawRequestBody []byte) { +func logBadInputRequest(errs []error, req *openrtb_ext.RequestWrapper, rawRequestBody []byte, logRequestBody bool) { // Check if this is a badinput case (not BlockedApp, AccountDisabled, or MalformedAcct) isBadInput := true for _, err := range errs { @@ -1953,6 +1953,12 @@ func logBadInputRequest(errs []error, req *openrtb_ext.RequestWrapper, rawReques return } + // Only log request body if the feature is enabled + if !logRequestBody { + logger.Errorf("/openrtb2/auction BadInput errors: %v", errs) + return + } + // Log the request and errors for badinput // Prefer raw request body if available (even if it's not valid JSON) if len(rawRequestBody) > 0 {