API post request without an Accept header returns 406

mbauman · January 5, 2021, 8:22pm

RFC 7231 suggests that a request with a missing Accept header should be treated as */*, but hitting the API POST endpoint for a data explorer query without said header returns 406 Not Acceptable. I’m not sure if this is specific to data explorer or if it applies to other POSTs, too. All the other GETs I’ve used haven’t had this issue.

It so happens that curl and Python’s requests append Accept: */* to all their requests by default, but not all tools do. You can see this behavior by disabling curl's default with an empty header, e.g.,

curl -X POST "https://discourse.example.com/admin/plugins/explorer/queries/26/run" \
-H "Content-Type: multipart/form-data;" \
-H "Api-Key: <your_all_users_api_key>" \
-H "Api-Username: system" \
-H "Accept:"

Not a major thing, but it might be something that other tools hit, too… and it seems like it could be a simple fix, especially since all other endpoints I’ve used work without it.

sam · January 7, 2021, 2:20am

This is very likely coming from the Rails stack (not Discourse), very likely complicated to work around.

I can see some assertions in actionpack for 406 status.

Going to recategorize this as feature for now, since there is a trivial workaround and appears to be by design in Rails.

Topic		Replies	Views
HTTP 404 when text/html is not first in accept request header Bug pr-welcome , rest-api	4	653	March 31, 2023
Request header field User-Api-Key is not allowed by Access-Control-Allow-Headers Bug	7	2484	August 31, 2018
Docker_manager doesn't accept API keys Bug pr-welcome	3	518	February 27, 2019
Validation error even when parameter passed while running data explorer API with Curl Support	5	1110	May 25, 2021
How to run Data Explorer queries with Python Data & reporting rest-api	4	1053	April 29, 2020

API post request without an Accept header returns 406

Related topics