user606521
Reputation: 15434
AWS API Gateway returns 403 when XML versio header is present in xml body
I have API Gateway endpoint that calls API on ECS. Endpoint is supposed to receive XML and parse it internally. The problem is no matter what model I used for request body (or even without body defined at all) API GW returns 403 when XML version is present in request.
This one causes API GW to return 403:
<?xml version="1.0" encoding="UTF-8"?>
<billing_info_updated_notification>
<account>
test
</account>
</billing_info_updated_notification>
and this one works (no xml version header):
<billing_info_updated_notification>
<account>
test
</account>
</billing_info_updated_notification>
Any idea how to fix this? The problem is that this is webhook notification so I dont have any control on shape of xml.
Upvotes: 1
Views: 1174
Answers (2)
user606521
Reputation: 15434
The problem was with AWS WAF enabled :(. WAF blocked all requests with body starting with:
<?xml version="1.0" encoding="UTF-8"?>
Disabling WAF "solved" the issue.
Upvotes: 2
Related Questions
- AWS API Gateway returns a 403 with x-amzn-ErrorType:AccessDeniedException header
- AWS API gateway return XML
- API Gateway configuration returns 403
- AWS API Gateway 403 Forbidden response OPTIONS
- AWS API Gateway 403 Forbidden
- XMLHttpRequest to API GATEWAY not working
- AWS API Gateway xml request
- Inconsistent behavior AWS API gateway . Getting a 403 for an API that was working
- AWS API Gateway accept XML request
- AWS API Gateway accept Content-type: application/xml