Closed VShox closed 8 years ago
So there is a bug with configuration of pinterest's akamai cdn not handling Expect: Continue headers correctly. When we're adding post parameters as array, curl automatically adds Content-Type: multipart/form-data and sends Expect: Continue header before sending actual payload. There is a chance that api.pinterest.com is resolved to Akamai CDN (other option is Fastly, which is fine). Akamai, probably misconfigured, responds with 100 Continue header, but looks like not proxy Expect header to upstream pinterest backend. Pinterest backend receives request with only headers (no body) and treats that as normal request and returns some data (like old pin content). This is received by curl. However, at that moment the body of request hits Akamai proxy, which assumes it is new request (keep alive) with malformed structure - no headers, etc. and responds back with 400 BAD_REQUEST.
You can see this issue yourself with command-line curl:
curl -X PATCH -H 'Authorization: Bearer token-XXX' -H 'Host: api.pinterest.com' --insecure 'https://23.210.251.107/v1/pins/XXXXXXXXXX4162698904/' -F "note=new_note_test2" --trace-ascii out.txt -v
note hardcoded Akamai IP in the url. Curl in that case shows warning that response body contains extra data which exceeds Content-lenght expected from response headers:
- Excess found in a non pipelined read: excess = 66, size = 267, maxdownload = 267, bytecount = 0
This is 400 response from Akamai. You can see it in out.txt at the very end.
So workaround for that is to force curl not to send Expect header at all. That seems to be working fine in all cases.
Hope that explains things.
Any updates here?
I'm sorry but it looks like I've fully missed these lasts comments and potential fix. @VShox kudos for your fix and for taking the effort to investigate this. I'll merge in the hope it fixes the issue, if not feel free to post a comment in here.
(Lovely how I just pressed the wrong button twice, as usual) :facepunch:
Have you checked if this doesn't break the image upload? Kinda looks like the way we make a post request either breaks #34 or #47 (https://github.com/dirkgroenen/Pinterest-API-PHP/commit/17a2df0f84f8e22314df72873242bee60fa2edc9)