I am having Google App Engine Go application. Recently I have noticed all HTTP DELETE calls are failing with 403 and an html page returned saying "Access Denied". The call is not going to the actual application the error seems to be returned by App Engine.
No error found in GAE logs.
This seems to be recent security changes in GAE causing this. But I don't find a way to enable DELETE method. All other methods GET, POST and PUT are working without any issue. I have searched GAE help but not able to find any information related to this issue.
Any idea how to enable DELETE method?
To make simpler I have created new sample app with following code. For any http call to "/" it returns "test"(by default it should return 200 OK).
package hello
import (
"fmt"
"net/http"
)
func init() {
http.HandleFunc("/", handler)
}
func handler(w http.ResponseWriter, r *http.Request) {
fmt.Fprint(w, "Test")
}
Now If call GET, PUT and POST it is successfully returning test with 200. For DELETE it is returning following html text with http error code 403.
<HTML>
<HEAD>
<TITLE>Access Denied</TITLE>
</HEAD>
<BODY BGCOLOR="white" FGCOLOR="black">
<H1>Access Denied</H1>
<HR>
<FONT FACE="Helvetica,Arial"><B>
Description: You are not allowed to access the document you requested.
</B></FONT>
<HR>
</BODY>
For local server DELETE method working fine and returning 200 OK with "test"