Skip to content

Return HTTP 400 with informative message for client-side protobuf val…#6989

Open
indrajababu wants to merge 3 commits into
opensearch-project:mainfrom
indrajababu:fix/informative-4xx-for-invalid-protobuf
Open

Return HTTP 400 with informative message for client-side protobuf val…#6989
indrajababu wants to merge 3 commits into
opensearch-project:mainfrom
indrajababu:fix/informative-4xx-for-invalid-protobuf

Conversation

@indrajababu

@indrajababu indrajababu commented Jul 10, 2026

Copy link
Copy Markdown

Description

When a client sends a protobuf request containing invalid UTF-8 in string fields
(e.g., InstrumentationScope name/version), the pipeline currently returns HTTP 500
with a generic error. This change returns HTTP 400 with a client-actionable message
explaining the issue.

Changes

  • Override apply() in GrpcRequestExceptionHandler to intercept
    InvalidProtocolBufferException before Armeria's default short-circuit
  • Detect via stable cause-chain type check (not brittle message string)
  • Apply same fix to HTTP path handlers in otel-logs-source and otel-trace-source
  • Add wire-level integration test proving HTTP 400 for invalid UTF-8 protobuf

Testing

  • Unit tests: 9 passing in armeria-common (3 new)
  • Integration test: posts invalid-UTF-8 protobuf to unframed endpoint, asserts 400

Issues Resolved

Resolves #6991

Check List

  • New functionality includes testing.
  • New functionality has a documentation issue. Please link to it in this PR.
    • New functionality has javadoc added
  • Commits are signed with a real name per the DCO

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

…idation errors

Signed-off-by: Indraja Babu <indbabu@amazon.com>

@dlvenable dlvenable left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you @indrajababu for this contribution to Data Prepper!

badRequestsCounter.increment();
return Status.INVALID_ARGUMENT.withDescription(InvalidRequestExceptions.INVALID_PROTOBUF_MESSAGE).withCause(cause);
}
if (InvalidRequestExceptions.isUndecodableCompressedFrame(cause)) {

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You have two conditions that you change here. Are there more that should be 400? Is there a helper within Armeria that can say "this can be a 400?"

+ "libraries producing this telemetry and correct the source emitting the malformed data.";

public static final String COMPRESSED_FRAME_MESSAGE =
"Unable to decode the compressed request frame. This is a client-side data issue, not a server error. "

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a client-side data issue, not a server error.

This might not be completely accurate. It is an indicator of a mismatch.

Maybe say:

This is a problem with the client-side request or a misconfiguration of the pipeline source.

final String grpcMessage = response.headers().get("grpc-message");
final String detail = grpcMessage != null ? grpcMessage : response.contentUtf8();
assertThat("Client should receive an informative, client-side-oriented message",
detail, containsString("client-side data issue"));

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a good approach to testing. But, I'd look more for this string instead: contain valid UTF-8

}

@Test
void unframedRequests_protobufWithInvalidUtf8_returns400WithInformativeMessage() {

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you also have a test for invalid compression?

indrajababu and others added 2 commits July 10, 2026 15:56
…ch/dataprepper/InvalidRequestExceptions.java

Co-authored-by: David Venable <dev@venable.io>
Signed-off-by: Indraja Babu <156961807+indrajababu@users.noreply.github.com>
…ch/dataprepper/InvalidRequestExceptions.java

Co-authored-by: David Venable <dev@venable.io>
Signed-off-by: Indraja Babu <156961807+indrajababu@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

OTel source returns HTTP 500 for client-side protobuf validation errors instead of 400

2 participants