From 5d88f909c57e9f6e14b3a96bad0cc1272168fa0c Mon Sep 17 00:00:00 2001
From: Rhys Evans <rhys.evans@ft.com>
Date: Tue, 26 May 2020 22:50:43 +0100
Subject: [PATCH 1/2] Return 400, not 500, when POST body missing

This is a user error, not a server error, so a 400 status would be more appropriate, and consistent with how mistakes in GET requests are handled. The current behaviour is making it difficult for my team to write monitoring that is triggered by real server errors; if just a single user persistently sends requests missing a body it's enough to trigger alarms.
---
 packages/apollo-server-core/src/runHttpQuery.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/apollo-server-core/src/runHttpQuery.ts b/packages/apollo-server-core/src/runHttpQuery.ts
index c229fe87cf7..21528e7ee00 100644
--- a/packages/apollo-server-core/src/runHttpQuery.ts
+++ b/packages/apollo-server-core/src/runHttpQuery.ts
@@ -208,7 +208,7 @@ export async function processHTTPRequest<TContext>(
     case 'POST':
       if (!httpRequest.query || Object.keys(httpRequest.query).length === 0) {
         throw new HttpQueryError(
-          500,
+          400,
           'POST body missing. Did you forget use body-parser middleware?',
         );
       }

From c616b1d49ca22c3ffa455b5ef8b3f83832becbc7 Mon Sep 17 00:00:00 2001
From: Rhys Evans <rhys.evans@ft.com>
Date: Tue, 26 May 2020 22:57:11 +0100
Subject: [PATCH 2/2] update test to match new error status

---
 packages/apollo-server-integration-testsuite/src/index.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/apollo-server-integration-testsuite/src/index.ts b/packages/apollo-server-integration-testsuite/src/index.ts
index a5dd026108f..c2678e512e7 100644
--- a/packages/apollo-server-integration-testsuite/src/index.ts
+++ b/packages/apollo-server-integration-testsuite/src/index.ts
@@ -241,7 +241,7 @@ export default (createApp: CreateAppFunc, destroyApp?: DestroyAppFunc) => {
           .post('/graphql')
           .send();
         return req.then(res => {
-          expect(res.status).toEqual(500);
+          expect(res.status).toEqual(400);
           expect(res.error.text).toMatch('POST body missing.');
         });
       });