AeroGear Push
  1. AeroGear Push
  2. AGPUSH-298

PushServer @DELETE methods violate REST specifications

    Details

    • Similar Issues:
      Show 9 results 

      Description

      According to http://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html#sec9.7, DELETE method should identify resource to be deleted by Resource-URI.

      Methods should not require a application/json formatted body. Note that clients are not so strict here, but some of them simply turn request to POST if body is present. Some of them does not allow DELETE to include a body.

      Current API also duplicates data, for instance pushApplicationID is both part of URI and JSON body.

      More discussions about topic here:

      I'm marking issue as critical as it affects API we are trying to stabilize.

        Gliffy Diagrams

          Activity

          Hide
          Karel Piwko added a comment -

          I'm trying to DELETE /rest/applications/$

          {pushAppId}

          .

          I'm getting HTTP 415. Content-Type header is actually ignored by my client, because it does not expect DELETE to have payload.
          This is from wireshark:

          DELETE /rest/applications/23dd4644-c785-4aec-be3d-8f414ba6c4e2 HTTP/1.1
          Host: agpushmedium-arqtest.rhcloud.com
          Connection: Keep-Alive, TE
          TE: trailers
          User-Agent: RPT-HTTPClient/0.3-3E
          Accept: application/json
          Cookie: JSESSIONID=yt6u4JOJCx3+yaRMY7D0xmPB.undefined
          Cookie2: $Version="1"

          Show
          Karel Piwko added a comment - I'm trying to DELETE /rest/applications/$ {pushAppId} . I'm getting HTTP 415. Content-Type header is actually ignored by my client, because it does not expect DELETE to have payload. This is from wireshark: DELETE /rest/applications/23dd4644-c785-4aec-be3d-8f414ba6c4e2 HTTP/1.1 Host: agpushmedium-arqtest.rhcloud.com Connection: Keep-Alive, TE TE: trailers User-Agent: RPT-HTTPClient/0.3-3E Accept: application/json Cookie: JSESSIONID=yt6u4JOJCx3+yaRMY7D0xmPB.undefined Cookie2: $Version="1"
          Hide
          Matthias Wessendorf added a comment -

          The "problem" is that right now the endpoint 'just' requires the content-type to be application/json. However all the endpoints are NOT reading any payload.

          Here I do get a 415, due to the missing content-type

          curl -3 -v -b cookies.txt -c cookies.txt -v -H "Accept: application/json" -X DELETE https://https-pushee.rhcloud.com/rest/applications/somePushAppID

          However, this works fine (see: no payload submitted):

          curl -3 -v -b cookies.txt -c cookies.txt -v -H "Accept: application/json" -H "Content-type: application/json" -X DELETE https://https-pushee.rhcloud.com/rest/applications/somePushAppID

          Show
          Matthias Wessendorf added a comment - The "problem" is that right now the endpoint 'just' requires the content-type to be application/json. However all the endpoints are NOT reading any payload. Here I do get a 415, due to the missing content-type curl -3 -v -b cookies.txt -c cookies.txt -v -H "Accept: application/json" -X DELETE https://https-pushee.rhcloud.com/rest/applications/somePushAppID However, this works fine (see: no payload submitted): curl -3 -v -b cookies.txt -c cookies.txt -v -H "Accept: application/json" -H "Content-type: application/json" -X DELETE https://https-pushee.rhcloud.com/rest/applications/somePushAppID
          Hide
          Karel Piwko added a comment -

          Until resolved, I've put a note into documentation: https://github.com/aerogear/aerogear.org/pull/130

          Show
          Karel Piwko added a comment - Until resolved, I've put a note into documentation: https://github.com/aerogear/aerogear.org/pull/130
          Hide
          Karel Piwko added a comment -

          Marking this issue as a blocker, because it blocks ability to delete items using iOS pipelines, Android not verified yet.

          Show
          Karel Piwko added a comment - Marking this issue as a blocker, because it blocks ability to delete items using iOS pipelines, Android not verified yet.
          Hide
          Tadeas Kriz added a comment -
          Show
          Tadeas Kriz added a comment - This bug is still present. PR here: https://github.com/aerogear/aerogear-unifiedpush-server/pull/93

            People

            • Assignee:
              Matthias Wessendorf
              Reporter:
              Karel Piwko
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development