ROR 7.15.1 kibana 400 errors when trying GET method from dev tools


I just installed fresh Elasticsearch and Kibana both v.7.15.1 and installed ROR plugins v7.15.1. For kibana I patched the plugin.

I can log in, can see all indexes from web ui, but in Dev mode I get 400 error when I try to execute any GET method (eg GET _cat/health). The same issue is with DELETE method
PUT and POST works fine.

elasticsearch.yml: TEST-ES TEST-1
http.port: 9200 /mnt/data/elasticsearch
path.logs: /var/log/elasticsearch
path.repo: /mnt/data/elasticsearch/snapshot
bootstrap.memory_lock: true
action.destructive_requires_name: true
script.painless.regex.enabled: true false
discovery.type: single-node

enable: true
- name: “Accept all requests from localhost”
type: allow
hosts: [XXX.XX.XXX.XXX]
- name: “Accept all requests from users in group developers on all indexes”
groups: [“dev”]
indices: ["*"]
- username: kibana
auth_key_unix: kibana:$6$rounds=65635$zzzzzzzzzzzzzzzzzzzzzzzzzzzzzz
groups: [“dev”]

server.port: 5601 “”
logging.dest: /var/log/kibana/kibana.log
elasticsearch.hosts: [“”]
elasticsearch.username: “kibana”
elasticsearch.password: “zzzzzz”
xpack.graph.enabled: false false
xpack.monitoring.enabled: true false
xpack.watcher.enabled: false

{"type":"response","@timestamp":"2021-10-19T15:45:12+02:00","tags":["access:console"],"pid":3908,"method":"post","statusCode":400,"req":{"url":"/api/console/proxy?path=_cat%2Fhealth&method=GET","method":"post","headers":{"host":"","accept":"text/plain, */*; q=0.01","dnt":"1","kbn-xsrf":"kibana","user-agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36","origin":"","referer":"","accept-encoding":"gzip, deflate","accept-language":"de-DE,de;q=0.9,en-US;q=0.8,en;q=0.7,ru;q=0.6","connection":"close","x-ror-pkp-kibana-token":"9rat76sehlxw06uciwzgmrnmj3xzjv","content-length":"2","accept-charset":"utf-8"},"remoteAddress":"","userAgent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36","referer":""},"res":{"statusCode":400,"responseTime":99,"contentLength":328},"message":"POST /api/console/proxy?path=_cat%2Fhealth&method=GET 400 99ms - 328.0B"}

in dev tools:
GET _cat/heath or DELETE testindex
“error” : {
“root_cause” : [
“type” : “illegal_argument_exception”,
“reason” : “request [GET /_cat/health] does not support having a body”
“type” : “illegal_argument_exception”,
“reason” : “request [GET /_cat/health] does not support having a body”
“status” : 400

Maybe I miss something?

Thanks for your help in advance.


GET _search
“query”: {
“match_all”: {}

also works

Hi @siberijah, I could reproduce the issue. For completeness, this is the Ajax request I can see in my browser when this happens in my local dev environment:

curl 'https://localhost:5601/api/console/proxy?path=%2F_cat%2Fhealth&method=GET' \
  -X 'POST' \
  -H 'Connection: keep-alive' \
  -H 'Content-Length: 0' \
  -H 'sec-ch-ua: "Chromium";v="94", "Google Chrome";v="94", ";Not A Brand";v="99"' \
  -H 'Accept: text/plain, */*; q=0.01' \
  -H 'DNT: 1' \
  -H 'kbn-xsrf: kibana' \
  -H 'sec-ch-ua-mobile: ?0' \
  -H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36' \
  -H 'sec-ch-ua-platform: "Linux"' \
  -H 'Origin: https://localhost:5601' \
  -H 'Sec-Fetch-Site: same-origin' \
  -H 'Sec-Fetch-Mode: cors' \
  -H 'Sec-Fetch-Dest: empty' \
  -H 'Referer: https://localhost:5601/app/dev_tools' \
  -H 'Accept-Language: en-GB,en-US;q=0.9,en;q=0.8,it;q=0.7' \
  -H 'Cookie: rorCookie_secure=Fe26.2**b745bf595b8a32b459c182f9ca80000f3b6d35c832f7a2c0df1590ffc4e7f01a*Ya_CzIZMWbOnlZUAHkwQyA*DilEfHk_2tQBxnTu9opThMySL0yQaXcGZ8rHdOMg1nz1S3eR31H_vSTCdSNZQSnq**aed2d8e6995f7c266697df1f16d5f49c912f97cae08adb095eaa34ac21729544*gXqMeEteUGiWeaPKE-wpkaDdB5SHkahr8Vzwo9_LUCc; rorCookie_secure-SP={%22createdAtMillis%22:1634675880525%2C%22intervalMillis%22:60000}' \
  --compressed \

@Dzuming WDYT?

1 Like

I Will check it, I’m also able to reproduce it and it happens only on some paths.


I was able to resolve this issue. The fix will be included in the next ROR plugin release

1 Like

Thanks a lot for support, and have a nice day

ps: can’t wait for the new release :wink: