ronething commented on issue #8792: URL: https://github.com/apache/apisix/issues/8792#issuecomment-1418664768
> So please use httpbin.org/post as your upstream when you want to test POST request. @mscb402 maybe it's not the point, but you can test like below. After create consumer `baz` and `hello` ``` $ curl http://127.0.0.1:9180/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/*", "upstream": { "type": "roundrobin", "nodes": { "127.0.0.1:8080": 1 } }, "plugins": { "basic-auth": {}, "consumer-restriction": { "whitelist":[ "baz" ], "allowed_by_methods":[{ "user": "baz", "methods": ["GET"] }] } } }' {"key":"/apisix/routes/1","value":{"priority":0,"plugins":{"basic-auth":{"hide_credentials":false},"consumer-restriction":{"whitelist":["baz"],"type":"consumer_name","rejected_code":403,"allowed_by_methods":[{"user":"baz","methods":["GET"]}]}},"upstream":{"type":"roundrobin","hash_on":"vars","scheme":"http","nodes":{"127.0.0.1:8080":1},"pass_host":"pass"},"uri":"/*","status":1,"id":"1","update_time":1675670501,"create_time":1674875420}} $ curl -i -ubaz:foo http://127.0.0.1:9080/get -X GET HTTP/1.1 200 OK Content-Type: application/json Content-Length: 265 Connection: keep-alive Date: Mon, 06 Feb 2023 08:01:47 GMT Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Server: APISIX/3.1.0 { "args": {}, "headers": { "Accept": "*/*", "Authorization": "Basic YmF6OmZvbw==", "Host": "127.0.0.1:9080", "User-Agent": "curl/7.79.1", "X-Forwarded-Host": "127.0.0.1" }, "origin": "127.0.0.1", "url": "http://127.0.0.1/get"; } $ curl -i -ubaz:foo http://127.0.0.1:9080/post -X POST HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Date: Mon, 06 Feb 2023 08:01:57 GMT Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Server: APISIX/3.1.0 { "args": {}, "data": "", "files": {}, "form": {}, "headers": { "Accept": "*/*", "Authorization": "Basic YmF6OmZvbw==", "Host": "127.0.0.1:9080", "User-Agent": "curl/7.79.1", "X-Forwarded-Host": "127.0.0.1" }, "json": null, "origin": "127.0.0.1", "url": "http://127.0.0.1/post"; } ``` you will see POST method is allowed but we don't set it in the `allowed_by_methods` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
