[
https://issues.apache.org/jira/browse/FINERACT-1423?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17439587#comment-17439587
]
Petri Tuomola commented on FINERACT-1423:
-----------------------------------------
This is because of the redirect to HTTPS, which does not seem to retain the
HTTP method.
Either we should fix this, or disable HTTP altogether.
> http (i.e. non-SSL) only responds with GET to any requests (POST / PUT /
> DELETE)
> --------------------------------------------------------------------------------
>
> Key: FINERACT-1423
> URL: https://issues.apache.org/jira/browse/FINERACT-1423
> Project: Apache Fineract
> Issue Type: Bug
> Affects Versions: 1.5.0
> Reporter: Petri Tuomola
> Priority: Major
>
> If you access any API using method POST / PUT / DELETE but with http (not
> HTTPS), Fineract responds as if you had done a GET.
> So PUT /fineract-provider/api/v1/offices/2 is actually actioned as GET
> /fineract-provider/api/v1/offices/2 when done with http
> If you change to https, everything works well.
> This means that HTTP endpoint is pretty much dead for all practical purposes.
> To avoid confusion, my suggestion would be that we disable this and just
> reject any call to HTTP, rather than responding with the incorrect response.
> HTTP is anyway insecure and should not be used.
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
