POST Request appears as GET request to Flask app
Hello, I am working on moving a python flask app across from render.com where it runs fine, but when deployed on railway there is an issue. From testing it seems as though separate functions related to the type of request at the same route are all being treated as GET requests. As an example: a POST at myurl/users and a GET at myurl/users are both being recieved as a GET at myurl/users. The same is true for a DELETE request. Does anyone know what could be causing this? thanks
Solution:Jump to solution
it's caused by trying to request with http, please make sure you are using https
9 Replies
Project ID:
7bf323ec-abda-4aaa-834b-3521cc4043f97bf323ec-abda-4aaa-834b-3521cc4043f9
Solution
it's caused by trying to request with http, please make sure you are using https
The request is a https POST request gets redirected and swapped to a http POST request and then redirected and swapped to a https GET request. Not sure what is going on here?
this is how I would expect it to look (how it was working previously on render).
Just as additional information, POST requests to routes that accept only POST requests are working fine, this only seems to happen on routes which accept multiple request types i.e GET, POST, DELETE all at .../api/project
this would be your app sending the additional redirect response to the same location with a trailing slash, except the redirect location your app sent used http.
then that would be render not letting your app do something silly like sending a redirect to an http location
this is a good example of how render holds their users hands and trys to prevent common mistakes, where railway runs your code as is
ah I see, thank you for the explanation! I agree it's good that railway prioritises running code as is. Makes for easier debugging. I wouldn't have even noticed this possible vulnerability otherwise.
I agree, heroku and render both do all sorts of stuff that would allow a lot of bad practices to slip by completing unnoticed