-
-
Notifications
You must be signed in to change notification settings - Fork 10.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Can't set headers for DELETE method #509
Comments
Fixed via d963368 |
Hi @nickuraltsev , I am facing the same problem now. My case:
|
@tangshuang Do you mind demonstrating the full steps to reproduce this. |
Well, I found the reason. |
You could in theory use the
However, even with data present, Axios seems to ignore it in the request which makes sense since passing back data on a HTTP DELETE request was not defined in the HTTP 1.1 spec: https://tools.ietf.org/html/draft-ietf-httpbis-p2-semantics-19#section-6.7
|
in my case doing delete with axios in below method doesn't send header. let {data} = await axios.delete(baseUrl+`/likepost`,
{
postId:postId
},{headers:{Cookie:`sid=${cookie}`}}) but this way it's working correctly let {data} = await axios({
url:baseUrl+`/likepost`,
method:'delete',
data : {postId},
headers:{Cookie:`sid=${cookie}`}
}) |
@moeinrahimi Are you sure? You mean you can post data with DELETE method? |
This Pull Request updates dependency [axios](https://github.com/axios/axios) from `v0.15.2` to `v0.18.0` <details> <summary>Release Notes</summary> ### [`v0.18.0`](https://github.com/axios/axios/blob/master/CHANGELOG.md#​0180-Feb-19-2018) [Compare Source](axios/axios@v0.17.1...v0.18.0) - Adding support for UNIX Sockets when running with Node.js ([#​1070](`axios/axios#1070)) - Fixing typings ([#​1177](`axios/axios#1177)): - AxiosRequestConfig.proxy: allows type false - AxiosProxyConfig: added auth field - Adding function signature in AxiosInstance interface so AxiosInstance can be invoked ([#​1192](`axios/axios#1192), [#​1254](`axios/axios#1254)) - Allowing maxContentLength to pass through to redirected calls as maxBodyLength in follow-redirects config ([#​1287](`axios/axios#1287)) - Fixing configuration when using an instance - method can now be set ([#​1342](`axios/axios#1342)) --- ### [`v0.17.1`](https://github.com/axios/axios/blob/master/CHANGELOG.md#​0171-Nov-11-2017) [Compare Source](axios/axios@v0.17.0...v0.17.1) - Fixing issue with web workers ([#​1160](`axios/axios#1160)) - Allowing overriding transport ([#​1080](`axios/axios#1080)) - Updating TypeScript typings ([#​1165](`axios/axios#1165), [#​1125](`axios/axios#1125), [#​1131](`axios/axios#1131)) --- ### [`v0.17.0`](https://github.com/axios/axios/blob/master/CHANGELOG.md#​0170-Oct-21-2017) [Compare Source](axios/axios@v0.16.2...v0.17.0) - **BREAKING** Fixing issue with `baseURL` and interceptors ([#​950](`axios/axios#950)) - **BREAKING** Improving handing of duplicate headers ([#​874](`axios/axios#874)) - Adding support for disabling proxies ([#​691](`axios/axios#691)) - Updating TypeScript typings with generic type parameters ([#​1061](`axios/axios#1061)) --- ### [`v0.16.2`](https://github.com/axios/axios/blob/master/CHANGELOG.md#​0162-Jun-3-2017) [Compare Source](axios/axios@v0.16.1...v0.16.2) - Fixing issue with including `buffer` in bundle ([#​887](`axios/axios#887)) - Including underlying request in errors ([#​830](`axios/axios#830)) - Convert `method` to lowercase ([#​930](`axios/axios#930)) --- ### [`v0.16.1`](https://github.com/axios/axios/blob/master/CHANGELOG.md#​0161-Apr-8-2017) [Compare Source](axios/axios@v0.16.0...v0.16.1) - Improving HTTP adapter to return last request in case of redirects ([#​828](`axios/axios#828)) - Updating `follow-redirects` dependency ([#​829](`axios/axios#829)) - Adding support for passing `Buffer` in node ([#​773](`axios/axios#773)) --- ### [`v0.16.0`](https://github.com/axios/axios/blob/master/CHANGELOG.md#​0160-Mar-31-2017) [Compare Source](axios/axios@v0.15.3...v0.16.0) - **BREAKING** Removing `Promise` from axios typings in favor of built-in type declarations ([#​480](`axios/axios#480)) - Adding `options` shortcut method ([#​461](`axios/axios#461)) - Fixing issue with using `responseType: 'json'` in browsers incompatible with XHR Level 2 ([#​654](`axios/axios#654)) - Improving React Native detection ([#​731](`axios/axios#731)) - Fixing `combineURLs` to support empty `relativeURL` ([#​581](`axios/axios#581)) - Removing `PROTECTION_PREFIX` support ([#​561](`axios/axios#561)) --- ### [`v0.15.3`](https://github.com/axios/axios/blob/master/CHANGELOG.md#​0153-Nov-27-2016) [Compare Source](axios/axios@v0.15.2...v0.15.3) - Fixing issue with custom instances and global defaults ([#​443](`axios/axios#443)) - Renaming `axios.d.ts` to `index.d.ts` ([#​519](`axios/axios#519)) - Adding `get`, `head`, and `delete` to `defaults.headers` ([#​509](`axios/axios#509)) - Fixing issue with `btoa` and IE ([#​507](`axios/axios#507)) - Adding support for proxy authentication ([#​483](`axios/axios#483)) - Improving HTTP adapter to use `http` protocol by default ([#​493](`axios/axios#493)) - Fixing proxy issues ([#​491](`axios/axios#491)) --- </details> --- This PR has been generated by [Renovate Bot](https://renovatebot.com).
axios.delete({ i try to use csrf in delete , but i am getting this error in node.js DELETE http://localhost:3131/system/ABC/delete/473TL095G3x-HpugwipBP0RAMmyer5cPDafrNg0 403 (Forbidden) |
yes, even I'm facing the same issue if I'm using the axios.delete with config withCredentials: true and CORS enabled on the backend server with a different domain, All though I'm explicitly setting the cookies in response headers which I can see in network tab, these are not sent later when I make axios.delete request
Note: also checked with JS native XMLHttpRequest, it's not supported to set xhr.withCredentials = true; with CORS, so its obvious that it's not supported in Axios |
I create an instance of axios:
const api = axios.create({ baseURL: process.env.BASE_URL, timeout: 1000, });
I am able to set the header for POST:
api.defaults.headers.post['X-CSRFToken'] = cookie.csrftoken;
However, if I try to set the header for DELETE:
api.defaults.headers.delete['X-CSRFToken'] = cookie.csrftoken;
I get the following error:
Cannot set property 'X-CSRFToken' of undefined
Is this expected behavior?
The text was updated successfully, but these errors were encountered: