While investigating a web resource's behavior, I found out that there is a POST request (as stated in Web Inspector) made as XHR (AJAX) with some parameters and request headers. Among others, there is an X-Requested-With: XMLHttpRequest header, meaning that the request is AJAX.
When I try to make the same request with JMeter or curl (providing all necessary headers), I get the following error:
Request method 'POST' not supported
I have the source of the app, and the service I am interested in has the following definition:
@Controller
@RequestMapping(value = "/myrestservice")
public class MyRestServiceController {
    // some code goes here

    @RequestMapping(value = "/get", method = RequestMethod.POST, produces = "application/json")
    @ResponseBody
    public Map<String, DataDTO> getRestServiceResponse(@RequestParam("list") final List<String> itemsList, final Model model)
So it has to accept POST requests. And it does at runtime, but it doesn't when I try to make such a request manually.
Any ideas why this kind of discrepancy happens?
This is the Request snipped from View Results Tree:
POST https:${address-goes-here}/productstock/get/
POST data: CSRFToken=720fe025-d511-4a5e-ab17-d1ea8e0b0aa3&productList=productList%3D000000000010000545%2C000000000010000553%2C000000000010012169
Cookie Data: JSESSIONID=60409DB1AFD720283100BCA212CD42DE.app11; megapolisstorefrontRememberMe=cGV0cjE0NzhAbWFpbC5ydToxNTIwMjQzMjExMzc5Ojk2ZTkzN2FlNzY5MDk5NmY4ZDk5N2JhMTQ5MmEzYmI5; acceleratorSecureGUID=ca22a2f520a00f5cc3efa3acb6599a5f0e081c85
Request Headers:
Connection: keep-alive
Accept: application/json, text/javascript
X-Requested-With: XMLHttpRequest
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Origin: ${address-goes-here}
Referer: ${address-goes-here}/%D0%9A%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3/%D0%9D%D0%B0%D0%BF%D0%B8%D1%82%D0%BA%D0%B8/%D0%AD%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B5-%D0%BD%D0%B0%D0%BF%D0%B8%D1%82%D0%BA%D0%B8/c/2006
Content-Length: 147
Host: ${address-goes-here}
User-Agent: Apache-HttpClient/4.5.3 (Java/1.8.0_112)
Content-Type: application/json
– Angelo Immediata