[Angular 1.x] $http POST request -> 403 Forbidden

mike-gazzaruso · May 2, 2016, 3:58pm

Hi, when I make POST request with Angular $http, it gives me back a 403 error Forbidden.

I’ve set up default headers into my app configuration
GET (on same URL obviously) works well

URI = "https://api.backendless.com/v1/data/HintObject"
data = {
'name': hintName,
'nexthintmessage': hintDescription,
'isreal': hintIsReal,
'isatreasure': hintIsTreasure,
'points': hintPoints
};
$http.post('https://api.backendless.com/v1/data/HintObject', data)
.then(function (response) {
console.log(response)
})

That’s headers in my app.js

$httpProvider.defaults.headers.common['application-id'] = 'XXXXXXXXXXXXXX';
$httpProvider.defaults.headers.common['secret-key'] = 'XXXXXXXXXXX;
$httpProvider.defaults.headers.post['Content-Type'] = 'application/json';
$httpProvider.defaults.headers.put['Content-Type'] = 'application/json';
$httpProvider.defaults.headers.common['Application-Type'] = 'REST';

mark-piller · May 2, 2016, 5:08pm

Did you configure any security permissions in your backend?

mike-gazzaruso · May 2, 2016, 8:06pm

Nope Mark, I am currently not using “db users”, only custom tables with no restrictions at all.

On GET methods on same URL i get no errors, and I think 403 is returned before passing the body (so not body related error)

Furthermore, when I make POST request from Xamarin (using sendRequest, async or sync not a matter) it works like a charm!

mark-piller · May 2, 2016, 8:12pm

Hi Mike,

Could you check in the Network tab of the browser’s developer tools what the POST request looks like? (URL, http headers and body)

Regards,
Mark

mike-gazzaruso · May 2, 2016, 8:16pm

Hi Mark, not sure to have understood your request, sorry!

P.S.: Not sure it’s coherent with your question, but I use WebStorm + Chrome

mark-piller · May 2, 2016, 8:22pm

I am talking about this: https://developers.google.com/web/tools/chrome-devtools/profile/network-performance/resource-loading?hl=en

mike-gazzaruso · May 2, 2016, 8:24pm

Ok, I think I’ve understood! In Chrome on Network TAB it says me it’s unable to save the object due a Malformed body request, infact I passed “yes” and not “true” for a Boolean property!

But why it says me “403 Forbidden”? Maybe the URL generated by Backendless’ Response is in some manner forbidden to be shown when a “bad body” is generated?

mike-gazzaruso · May 2, 2016, 8:25pm

Yes sorry ! I’ve understood with a little bit of “lag”

mark-piller · May 2, 2016, 8:31pm

I’l find out why server reports 403 for this.

Is the problem now resolved for you?

mike-gazzaruso · May 2, 2016, 8:36pm

Absolutely solved. It works now.

Thanks for support, Mark!