Details
-
Bug
-
Resolution: Unresolved
-
Blocker
-
None
-
None
-
None
Description
A client-side javascript app is performing the following request:
DELETE /apiman-gateway/org/service/1.1/resource/7 HTTP/1.1 Host: 172.17.0.1:8080 User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:47.0) Gecko/20100101 Firefox/47.0 Accept: application/json, text/plain, */* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Authorization: Bearer $ACCESS_TOKEN Referer: http://172.17.0.1:3000/ Origin: http://172.17.0.1:3000 Connection: keep-alive
But the gateway is performing the following request to the endpoint:
DELETE /service/rest/resource/7 HTTP/1.1 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) Origin: http://172.17.0.1:3000 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Authorization: Bearer $ACCESS_TOKEN Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-excel, application/msword, application/vnd.ms-powerpoint, */* Referer: http://172.17.0.1:3000/ Host: 172.17.0.1:8280 Content-Type: application/x-www-form-urlencoded Content-Length: 0
Resulting in a 415 Unsupported Media Type at the endpoint.
GET, POST and PUT requests are OK.
Only using CORS Policy for this endpoint:
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: accept, authrotization, content-type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Access-Control-Max-Age: 3600