Hi,
I have REST POST route that works perfectly over HTTP, as soon as I make the same request over HTTPS(SSL) I get a 405 (method not allowed). I have looked at explicitly allowing the POST method on the CREATE action in the AccessControlFilter
[
'allow' => true,
'actions' => ['create'],
'verbs' => ['GET', 'POST'],
],
That hasn’t solved the problem. I have tried setting this with the VerbFilter
$behaviors['verbs'] = [
'class' => \yii\filters\VerbFilter::className(),
'actions' => [
...
'create' => ['get', 'post'],
...
],
];
and that doesn’t seem to do the work either. I am yet to dig deeper into the VerbFilter class code just to understand a bit better what’s going on (because the exception is being thrown from there - I believe), but I was wondering if anyone has any leads on what could be causing the error and what would be the possible solution.
-
Is it something with the urlManager and setting specific rules?
-
Could it be to do with the CSRF token? I doubt though because the request is handled okay over HTTP
-
…?
I will appreciate any leads.
Thanks,
------- Extra info ----------
I have tried this with the Postman REST client, curl and an Android client.
The exact error that I’m getting is
{"name":"Method Not Allowed","message":"Method Not Allowed. This url can only handle the following request methods: POST.","code":0,"status":405}
so it seems that somehow the request is not being seen as a POST request by the VerbFilter. As I indicated this only happens when the request is made over HTTPS.