The problem with not denying it by default is someone can come by and delete objects out of the cache. Do you have any ideas on making this better? Unfortunately origins like httpd will respond back with 200 responses on the DELETE methods by default (using php in my test), so we can’t rely on the origins response code to know if/when to delete the cached object. Right now we don’t make sure the origin responses back with a 200 response before we delete the object from cache. Maybe that should be changed? I am not an expert on webdav, so any input would be helpful.
-Bryan > On Nov 2, 2016, at 2:49 PM, Jered Floyd <[email protected]> wrote: > > > Sudheer, > > Aha! > > Thank you; that also resolves a long-standing issue I've had with CalDAV > entry modification. This is perhaps a questionable default... > > --Jered > > ----- On Nov 2, 2016, at 5:44 PM, Sudheer Vinukonda > <[email protected]> wrote: > The default traffic server install blocks DELETE method from anywhere outside > of the localhost. > > You can modify it as needed for your env. > > https://docs.trafficserver.apache.org/en/latest/admin-guide/files/ip_allow.config.en.html?highlight=ip_allow#ip-allow-config > > <https://docs.trafficserver.apache.org/en/latest/admin-guide/files/ip_allow.config.en.html?highlight=ip_allow#ip-allow-config> > > Thanks, > > Sudheer > > > > From: Jered Floyd <[email protected]> > To: [email protected] > Sent: Wednesday, November 2, 2016 2:37 PM > Subject: ERR_PROXY_DENIED on DELETE requests? (Grafana behind ATS) > > > Hello fellow ATS users, > > I just ran into a bit of a head-scratcher that I bet someone here knows the > answer to. > > I recently set up a Grafana install behind ATS 6.2.0, and have found that I > can't delete dashboards, un-star things, or anything else involving the > DELETE verb. When I access the origin server directly there are no problems. > When going through ATS, the operation results in a "403 Access Denied" in > the error popup. > > ATS logs show instances like: > 1478122046.588 0 [my client IP] ERR_PROXY_DENIED/403 198 DELETE http://[my > origin server]:3000/api/user/stars/dashboard/2 - DIRECT/- text/html > > Why is ATS refusing to proxy these requests? > > I'm going to go dig into the source right now but perhaps someone has a > quicker answer? > > Thanks, > --Jered > > >
