Closed thetmtech closed 6 years ago
I'll try to document the problem and get back here.
The URL that gives an error is https://tracking.rosettastone.com/users
.
POST /users HTTP/1.1
Host: tracking.rosettastone.com
Connection: keep-alive
Content-Length: 1464
X-ROSETTASTONE-PROTOCOL-VERSION: 7
Origin: https://resources.rosettastone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36
Content-Type: text/xml
X-ROSETTASTONE-APP-BUILD: true
X-ROSETTASTONE-APP-VERSION: Course App/null
X-Requested-With: ShockwaveFlash/29.0.0.113
A sample of request headers from calls to that URL.
My first guess is that the filter is mangling request payload because it looks like it's a binary payload.
Content-Type
of returned content is text/xml
It appears the problem is that FilterCore is removing Content-Encoding: deflate
from the headers of the request. Removing it from the ForbiddenHttpHeaders
does not seem to have any ill effects. Perhaps related to #103?
I believe this is fixed.