Stack Exchange Inbox Reputation and Badges sign up log in tour help
Search Q&A
Stack Overflow
Questions
Jobs
Tags
Users
Badges
Ask Question
_ Stack Overflow is a community of 4.7 million programmers, just like you, helping each other.
Join them; it only takes a minute:
Sign up
Join the Stack Overflow community to:
Ask programming questions Answer and help your peers Get recognized for your expertise
App Engine 400 - Your client has issued a malformed or illegal request
up vote
16
down vote
favorite
3
I have been running into this error for the last 3 or 4 weeks making requests to app engine. Certain requests - especially HTTP DELETE requests, are having this error returned from the google server.
Others have reported the same error - with 3 outcomes I can locate
It is caused by stale cookies - clear your cookies and it runs fine gmail help -
It is caused by a malformed url - only cases I can find relate to urlfetch() - spaces in the url - App engine Group #1, App Engine Group #2
No resolution - sporadic behaiour, IE only. App Engine Group #3, App Engine Group #4
I'm now getting this behaviour all the time, in every browser. I can completely clear down the cache/cookies etc. in Chrome, Firefox, Safari, restart the browser and still reliably get this error on the same requests, so I don't think its cookie related. In any case I can issue GET, POST PUT requests no problem with the same cookie.
Given that it occurs reliably on specific DELETE requests, the malformed URL would seem the most likely, however my URL is really very simple, and works fine on the dev server
Firebug shows the request headers as (I've munged the keys as they contain identifying data, but did so by removing characters from the centre of the key - not either end to guarantee I didn't inadvertently remove any leading or trailing whitespace)
Request URL:http://my-app.appspot.com/agprhcjgLEgVLbm93dCItX0RrbV9Ea25vd3RfbmV0X19wccxDA/Task.xml
Request Method:DELETE
Status Code:400 Bad Request
Request Headers
Accept:*/*
Cache-Control:max-age=0
Content-Type:application/x-www-form-urlencoded
Origin:http://my-app.appspot.com
Referer:http://my-app.appspot.com/
User-Agent:Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_4; en-US) AppleWebKit/533.4 (KHTML, like Gecko) Chrome/5.0.375.99 Safari/533.4
X-Requested-With:XMLHttpRequest
Form Data
entity_key:agprdC1hcjYLEgVLbm93dCIrX09Ea25vd3RfbmV0X19wMQw
Response Headers
Content-Length:1350
Content-Type:text/html; charset=UTF-8
Date:Fri, 30 Jul 2010 15:51:58 GMT
Server:GFE/2.0
The response headers show that the request never made it to the app engine servers (and my app engine logs bear this out) - a request which successfully makes it to the app engine server looks more like this for response headers -
Cache-Control:no-cache
Content-Length:4332
Content-Type:application/xml
Date:Fri, 30 Jul 2010 11:08:21 GMT
Expires:Fri, 01 Jan 1990 00:00:00 GMT
Server:Google Frontend
X-AppEngine-Estimated-CPM-US-Dollars:$0.004033
X-AppEngine-Resource-Usage:ms=573 cpu_ms=146 api_cpu_ms=30
I am constructing the requests using jquery's $.ajax() method and setting the type as 'DELETE'. Also, these have worked as recently as last week, although the problem was starting to appear intermittently. Right now, nothing I do has any effect.
At the moment I'm thinking this is some sort of configuration error/change on google servers , slowly creeping across their network - which explains why it began intermittently, steadily increased, and now happens all the time.
Is anyone else able to issue HTTP DELETE requests to google app engine? If you are, do your URL's contain app engine entity keys? Can you see anything dodgy with mine?
Any other pointers would be greatly appreciated. Cheers,
Colin
The full response from the google server is -
<html><head>
<meta http-equiv="content-type" content="text/html;charset=utf-8">
<title>400 Bad Request</title>
<style></style>
<script>
</script>
</head>
<body text=#000000 bgcolor=#ffffff>
Google
| |
Error</td></tr>
|
</td></tr></table>
Bad Request
Your client has issued a malformed or illegal request.
</blockquote>
<img alt="" width=1 height=4> |
</body></html>
google-app-engine
shareimprove this question
edited Dec 29 '13 at 6:49
Kara
2,90572641
asked Jul 30 '10 at 16:51
hawkett
1,06841738
Your first suggestion (clearing all data, cookies etc) worked thanks – Dominic Tobias May 22 '15 at 9:26
add a comment
2 Answers
active oldest votes
up vote
16
down vote
accepted
With an HTTP DELETE, the URI should fully identify the resource to be deleted. Sending additional data in the request body is unexpected, and on App Engine, unsupported:
Indeed, when the appspot frontends see a DELETE request that includes an body, such as your app, they return a 501. But, if you remove the body then it will serve a 200.
Based on the subsequent discussion, it looks like they decided 400 was more appropriate than 501. In any event, if you omit the body and move your entity key into the URI, you should be fine.
shareimprove this answer
answered Jul 30 '10 at 20:25
Drew Sears
11.7k1836
Hi Drew - thanks for highlighting this - definitely looks like the cause of the problem. It strikes me as an incredibly naive constraint - especially since it's not mandated by the spec. Regardless of my use case, DELETE is quite a complex operation - e.g. are we performing a hard delete or a soft delete - what about archiving? Surely it should be up to the serving application (and not the context unaware web server) to determine 200 or 400 in this situation. Will follow this up on the google issue which appears to have been re-opened based on similar concerns. Thx. – hawkett Jul 31 '10 at 0:31
1
Why not just follow the convention? GET/PUT/DELETE should fetch, create/overwrite, or remove the exact resource identified by the URI. Extra parameters for all 3 should go on the query string. Only PUT should have a body, and it should be the resource contents. If you DELETE a URI and return a 200, a subsequent GET or DELETE should 404. For everything else, there's POST, which just means "send some stuff to this URI and expect something to happen". If you wanted to delete two resources at once, it would be more appropriate to do that in a POST than trying to stuff the logic into a DELETE. – Drew Sears Jul 31 '10 at 1:46
A few points - 1) if data should be encoded on the query string, then jQuery's impl of DELETE is broken. 2) POST should be used to create an entity subordinate to the resource indicated in the URI - I'm doing nothing even close to that - POST would be a big hack. 3) PUT doesn't use query params by convention, any more than DELETE doesn't have a body 4) I can't find any official statement that a request body is unexpected for DELETE - the author at your link seems to have embellished the specification. All that said, it looks like query string params are my best bet. Just not liking it :) Thx – hawkett Jul 31 '10 at 11:07
This post is also useful, and seems to come to the conclusion in multiple answers that it should be supported according to the spec. stackoverflow.com/questions/299628/… – hawkett Jul 31 '10 at 11:26
add a comment
up vote
2
down vote
I've seen this happen when the site authenticating doesn't resolve multiple browser users properly or adequately. In ChromeOS the fix is to sign out entirely, and access the site when only the primary identity has been authenticated. ExamplesGmail, and Ingress.
shareimprove this answer
answered Aug 1 '14 at 21:16
Just Visiting
311
add a comment
Your Answer
Sign up or log in
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Name
Email
required, but never shown
Post Your Answer
By posting your answer, you agree to the privacy policy and terms of service.
Not the answer you're looking for? Browse other questions tagged google-app-engine or ask your own question.
asked
5 years ago
viewed
16348 times
active
1 year ago
99 People Chatting
JavaScript
1 hour ago - KarelG
KarelG1 hour agoHatter is Mad1 hour agoCaprica Six1 hour agoSterling Archer1 hour agossube1 hour agorlemon1 hour agoLoktar1 hour ago
SO Close Vote Reviewers
1 hour ago - Andras Deak
Andras Deak1 hour agoPraveen Kumar1 hour agoSmokeDetector1 hour agoKyll1 hour agoJAL2 hours agoMogsdad2 hours agoDrew2 hours ago
Linked
291
Is an entity body allowed for an HTTP DELETE request?
0
Calling RESTful API Using Python on Google App Engine
Related
72
Deleting a Google App Engine application
203
How to use Google app engine with my own naked domain (not subdomain)?
62
Pros Cons of Google App Engine
2
Google App Engine - Request was aborted after waiting too long to attempt to service your request
10
App Engine deployment fails with “Client Error (400) The request is invalid for an unspecified reason.”
5
503 and 400 on uploading images in Google App Engine
0
LDAP Client in Google App Engine
2
google app engine projectServer Error The server encountered an error and could not complete your request
0
Google App Engine ErrorSorry your request cannot be processed at this time. ?
3
App Engine silently fails on some requests
Hot Network Questions
Compute the histogram entropy estimation of a string
What do you call tiny underdeveloped segments of an orange?
Reverse positive runs
Why is there so much fear surrounding LiPo batteries?
I am small yet Large, who am I?
Attire in Iran for male travelers
In the movie Contact, did they get the theory of relativity wrong?
After Darth Vader was killed, did Luke tell anyone that he was his father?
What is a "risk wafer"?
Do I not have the personality for a PhD?
notation to describe an elliptical orbit? (3000km x 40000km)
Can I use "some" as a synonym of "very"?
More clicks while using "Noun" or "Verb" for actions?
Rewritable punch cards
How do payroll-deducted taxes get sent to the IRS?
Two PhD's in different UK universities, simultaneously, part-timeabsurd idea?
Is it conceivable that President Obama might use the word "queue"?
Are there any advantages to either DC barrel connector polarity?
The index columns in sys.index_columns different from what are in the index
What is the purpose of the extra wheel on the XB-70 main gear?
Where did the term "chicken walker" come from?
How do I encourage users to supply information that might not be available, if it is available?
Decides the mechanism of organic chemical reactions based on user input
How do you say "nail" (as in "get something right") in French?
question feed
about us tour help blog chat data legal privacy policy work here advertising info mobile contact us feedback
TECHNOLOGY LIFE / ARTS CULTURE / RECREATION SCIENCE OTHER
Stack Overflow
Server Fault
Super User
Web Applications
Ask Ubuntu
Webmasters
Game Development
TeX - LaTeX
Programmers
Unix Linux
Ask Different (Apple)
WordPress Development
Geographic Information Systems
Electrical Engineering
Android Enthusiasts
Information Security
Database Administrators
Drupal Answers
SharePoint
User Experience
Mathematica
Salesforce
ExpressionEngine® Answers
more (13)
Photography
Science Fiction Fantasy
Graphic Design
Movies TV
Seasoned Advice (cooking)
Home Improvement
Personal Finance Money
Academia
more (9)
English Language Usage
Skeptics
Mi Yodeya (Judaism)
Travel
Christianity
Arqade (gaming)
Bicycles
Role-playing Games
more (21)
Mathematics
Cross Validated (stats)
Theoretical Computer Science
Physics
MathOverflow
Chemistry
Biology
more (5)
Stack Apps
Meta Stack Exchange
Area 51
Stack Overflow Careers
site design / logo © 2016 Stack Exchange Inc; user contributions licensed under cc by-sa 3.0 with attribution required
rev 2016.4.25.3510
|