Bugzilla (bugzilla.redhat.com) will be under maintenance for infrastructure upgrades and will not be unavailable on July 31st between 12:30 AM - 05:30 AM UTC. We appreciate your understanding and patience. You can follow status.redhat.com for details.
Bug 1655173 - API PUT call redirection from HTTP to HTTPS loses content-type header content, results in 415 error
Summary: API PUT call redirection from HTTP to HTTPS loses content-type header content...
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Satellite
Classification: Red Hat
Component: API
Version: 6.4.0
Hardware: Unspecified
OS: Unspecified
unspecified
low
Target Milestone: Unspecified
Assignee: satellite6-bugs
QA Contact: Jitendra Yejare
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-11-30 20:38 UTC by Pablo Hess
Modified: 2020-07-06 14:40 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2020-07-06 14:40:21 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Knowledge Base (Solution) 3726931 0 None None None 2018-11-30 20:47:18 UTC

Description Pablo Hess 2018-11-30 20:38:55 UTC
Description of problem:
If I issue an http (not https) API PUT request against Satellite 6.4.0 (or older) it fails with this message:

{
"error": {"message":"'Content-Type: ' is unsupported in API v2 for POST and PUT requests. Please use 'Content-Type: application/json'."}
}


Example script:
~~~
#!/usr/bin/env python2

import requests
import json

SATELLITE = 'satellite.example.com'
HEADERS = {'content-type': 'application/json'}
URL = 'http://' + SATELLITE + '/api/v2/hosts/78'
DATA = json.dumps({
  "host": {
    "managed": "false"
  }
})

r = requests.put(URL, auth=('admin', 'p@$$w0rd'), headers=HEADERS, data=DATA)
print r.text
~~~


production.log shows:
~~~
2018-11-30T18:26:07 [I|app|] Started PUT "/api/v2/hosts/78" for 172.21.0.254 at 2018-11-30 18:26:07 -0200
2018-11-30T18:26:07 [I|app|09545] Processing by Api::V2::HostsController#update as JSON
2018-11-30T18:26:07 [I|app|09545]   Parameters: {"host"=>{"managed"=>"false"}, "apiv"=>"v2", "id"=>"78"}
2018-11-30T18:26:07 [I|app|09545] Redirected to https://satellite.example.com/api/v2/hosts/78
2018-11-30T18:26:07 [I|app|09545] Filter chain halted as #<Proc:0x00000000087ccf60@/opt/theforeman/tfm-ror51/root/usr/share/gems/gems/actionpack-5.1.6/lib/act
ion_controller/metal/force_ssl.rb:65> rendered or redirected
2018-11-30T18:26:07 [I|app|09545] Completed 301 Moved Permanently in 1ms (ActiveRecord: 0.0ms)
2018-11-30T18:26:08 [I|app|] Started PUT "/api/v2/hosts/78" for 172.21.0.254 at 2018-11-30 18:26:08 -0200
2018-11-30T18:26:08 [I|app|436da] Processing by Api::V2::HostsController#update as JSON
2018-11-30T18:26:08 [I|app|436da]   Parameters: {"apiv"=>"v2", "id"=>"78"}
2018-11-30T18:26:08 [I|app|436da] Current user: foreman_admin (administrator)
2018-11-30T18:26:08 [I|app|436da] Authorized user admin(Admin User)
2018-11-30T18:26:08 [I|app|436da] Current user: admin (administrator)
2018-11-30T18:26:08 [I|app|436da]   Rendering api/v2/errors/unsupported_content_type.json.rabl within api/v2/layouts/error_layout
2018-11-30T18:26:08 [I|app|436da]   Rendered api/v2/errors/unsupported_content_type.json.rabl within api/v2/layouts/error_layout (1.3ms)
2018-11-30T18:26:08 [I|app|436da] Filter chain halted as :check_content_type rendered or redirected
2018-11-30T18:26:08 [I|app|436da] Completed 415 Unsupported Media Type in 51ms (Views: 6.8ms | ActiveRecord: 19.2ms)
~~~


Version-Release number of selected component (if applicable):
Satellite 6.4.0 but also applies to 6.3.5 and likely older versions as well.

How reproducible:
Every time.
This issue only affects PUT requests. GET and DELETE requests are successfully redirected to https without losing the content-type header value.

Steps to Reproduce:
1. Run the script above

Actual results:
The script fails to run, Satellite sends error message stating 'content-type' header is empty when it's actually not.

Expected results:
The script should run, or the error message should make it clear that API calls need to use HTTPS only.

Additional info:

Comment 3 Bryan Kearney 2020-06-09 15:00:52 UTC
The Satellite Team is attempting to provide an accurate backlog of bugzilla requests which we feel will be resolved in the next few releases. We do not believe this bugzilla will meet that criteria, and have plans to close it out in 1 month. This is not a reflection on the validity of the request, but a reflection of the many priorities for the product. If you have any concerns about this, feel free to contact Red Hat Technical Support or your account team. If we do not hear from you, we will close this bug out. Thank you.

Comment 4 Bryan Kearney 2020-07-06 14:40:21 UTC
Thank you for your interest in Satellite 6. We have evaluated this request, and while we recognize that it is a valid request, we do not expect this to be implemented in the product in the foreseeable future. This is due to other priorities for the product, and not a reflection on the request itself. We are therefore closing this out as WONTFIX. If you have any concerns about this, please do not reopen. Instead, feel free to contact Red Hat Technical Support. Thank you.


Note You need to log in before you can comment on or make changes to this bug.