Don't require kbn-version header for HEAD requests

[spalger]

We currently require the kbn-version header for all non-GET requests, which allows users to load applications, but we should also exclude HEAD requests as it serves a very similar purpose to GET and should be safe to execute from any caller.

The reason this is specifically desired is so systems can make HEAD requests to /app/kibana and get a 200 or 503 depending on server status.

Hey @spalger ! shouldn't that be "The reason this is specifically desired is so systems can make HEAD requests to /app/kibana"

And NOT "The reason this is specifically desired is so systems can make HEAD requests to /api/kibana"?

Hey @spalger

How's it going? I just decided to try this again under kibana 4.5 and I'm getting the same result:

[root@varnish1:~] #HEAD http://logs1.example.com/app/kibana
400 Bad Request
Cache-Control: no-cache
Connection: close
Date: Fri, 22 Apr 2016 20:23:03 GMT
Server: nginx/1.8.1
Content-Type: application/json; charset=utf-8
Client-Date: Fri, 22 Apr 2016 20:23:04 GMT
Client-Peer: 52.72.210.180:80
Client-Response-Num: 1
Kbn-Name: kibana
Kbn-Version: 4.5.0

Is a fix still coming for this issue?

Thanks

[spalger]

@bluethundr This issue will be closed when the issue is fixed. Doesn't look like it's being worked on quite yet.

Ok got it. Thanks for the heads up!

Tim

Sent from my iPhone

On Apr 24, 2016, at 2:50 PM, Spencer notifications@github.com wrote:

@bluethundr This issue will be closed when the issue is fixed. Doesn't look like it's being worked on quite yet.

—
You are receiving this because you were mentioned.
Reply to this email directly or view it on GitHub