ROR 7.15.1 kibana 400 errors when trying GET method from dev tools

Hi,

I just installed fresh Elasticsearch and Kibana both v.7.15.1 and installed ROR plugins v7.15.1. For kibana I patched the plugin.

I can log in, can see all indexes from web ui, but in Dev mode I get 400 error when I try to execute any GET method (eg GET _cat/health). The same issue is with DELETE method
PUT and POST works fine.

elasticsearch.yml:
cluster.name: TEST-ES
node.name: TEST-1
network.host: 10.10.10.10
http.port: 9200
path.data: /mnt/data/elasticsearch
path.logs: /var/log/elasticsearch
path.repo: /mnt/data/elasticsearch/snapshot
bootstrap.memory_lock: true
action.destructive_requires_name: true
script.painless.regex.enabled: true
xpack.security.enabled: false
discovery.type: single-node

readonlyrest.yml:
readonlyrest:
enable: true
access_control_rules:
- name: “Accept all requests from localhost”
type: allow
hosts: [XXX.XX.XXX.XXX]
- name: “Accept all requests from users in group developers on all indexes”
groups: [“dev”]
indices: [“*”]
users:
- username: kibana
auth_key_unix: kibana:$6$rounds=65635$zzzzzzzzzzzzzzzzzzzzzzzzzzzzzz
groups: [“dev”]

kibana.yml
server.port: 5601
server.host: “10.10.10.10”
logging.dest: /var/log/kibana/kibana.log
elasticsearch.hosts: [“http://10.10.10.10:9200”]
elasticsearch.username: “kibana”
elasticsearch.password: “zzzzzz”
xpack.graph.enabled: false
xpack.ml.enabled: false
xpack.monitoring.enabled: true
xpack.security.enabled: false
xpack.watcher.enabled: false

kibana.log
{"type":"response","@timestamp":"2021-10-19T15:45:12+02:00","tags":["access:console"],"pid":3908,"method":"post","statusCode":400,"req":{"url":"/api/console/proxy?path=_cat%2Fhealth&method=GET","method":"post","headers":{"host":"10.10.10.10:5601","accept":"text/plain, */*; q=0.01","dnt":"1","kbn-xsrf":"kibana","user-agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36","origin":"http://10.10.10.10:5601","referer":"http://10.10.10.101:5601/app/dev_tools","accept-encoding":"gzip, deflate","accept-language":"de-DE,de;q=0.9,en-US;q=0.8,en;q=0.7,ru;q=0.6","connection":"close","x-ror-pkp-kibana-token":"9rat76sehlxw06uciwzgmrnmj3xzjv","content-length":"2","accept-charset":"utf-8"},"remoteAddress":"127.0.0.1","userAgent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36","referer":"http://10.10.10.10:5601/app/dev_tools"},"res":{"statusCode":400,"responseTime":99,"contentLength":328},"message":"POST /api/console/proxy?path=_cat%2Fhealth&method=GET 400 99ms - 328.0B"}

in dev tools:
GET _cat/heath or DELETE testindex
{
“error” : {
“root_cause” : [
{
“type” : “illegal_argument_exception”,
“reason” : “request [GET /_cat/health] does not support having a body”
}
],
“type” : “illegal_argument_exception”,
“reason” : “request [GET /_cat/health] does not support having a body”
},
“status” : 400
}

Maybe I miss something?

Thanks for your help in advance.

Update:

GET _search
{
“query”: {
“match_all”: {}
}
}

also works

Hi @siberijah, I could reproduce the issue. For completeness, this is the Ajax request I can see in my browser when this happens in my local dev environment:

curl 'https://localhost:5601/api/console/proxy?path=%2F_cat%2Fhealth&method=GET' \
  -X 'POST' \
  -H 'Connection: keep-alive' \
  -H 'Content-Length: 0' \
  -H 'sec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"' \
  -H 'Accept: text/plain, */*; q=0.01' \
  -H 'DNT: 1' \
  -H 'kbn-xsrf: kibana' \
  -H 'sec-ch-ua-mobile: ?0' \
  -H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36' \
  -H 'sec-ch-ua-platform: "Linux"' \
  -H 'Origin: https://localhost:5601' \
  -H 'Sec-Fetch-Site: same-origin' \
  -H 'Sec-Fetch-Mode: cors' \
  -H 'Sec-Fetch-Dest: empty' \
  -H 'Referer: https://localhost:5601/app/dev_tools' \
  -H 'Accept-Language: en-GB,en-US;q=0.9,en;q=0.8,it;q=0.7' \
  -H 'Cookie: rorCookie_secure=Fe26.2**b745bf595b8a32b459c182f9ca80000f3b6d35c832f7a2c0df1590ffc4e7f01a*Ya_CzIZMWbOnlZUAHkwQyA*DilEfHk_2tQBxnTu9opThMySL0yQaXcGZ8rHdOMg1nz1S3eR31H_vSTCdSNZQSnq**aed2d8e6995f7c266697df1f16d5f49c912f97cae08adb095eaa34ac21729544*gXqMeEteUGiWeaPKE-wpkaDdB5SHkahr8Vzwo9_LUCc; rorCookie_secure-SP={%22createdAtMillis%22:1634675880525%2C%22intervalMillis%22:60000}' \
  --compressed \
  --insecure

@Dzuming WDYT?

1 Like

I Will check it, I’m also able to reproduce it and it happens only on some paths.

2 Likes

I was able to resolve this issue. The fix will be included in the next ROR plugin release

1 Like

Thanks a lot for support, and have a nice day

ps: can’t wait for the new release :wink: