K6 http.del not working as expected

Grafana k6 OSS Support
1

Hi there,

I think I am doing something wrong with K6 when using the http.del request.
We have an endpoint in our application where we need to delete something from the application, but it fails to do so due a token error. (Invalid or expired token) results in a 401 unauthorized.

I tried, different content types in header with the token, just a token in a header, sending just a header without params

I also tried to use the http.request(''DELETE), same issue.

var header = {
        'Authorization': 'Bearer ' + token,
    }
  params = {
        headers : header,
    }
var res = http.request('DELETE', `${__ENV.URL}/api/v4/something/0FADB876-21B8-4AF3-8816E2D64B9F7AD7/`, params);

let deleteReq = http.del(`${__ENV.URL}/api/v4/something/0FADB876-21B8-4AF3-8816E2D64B9F7AD7`, null, params);

They both result in 401, I tried to the same request with Postman or Pytest and it works and deletes something from the application. It returns a 204 as it is expected.
All other requests to the endpoint have no issues with K6 and work as expected.

However it looks like there is some issue with passing the header correctly when using the DELETE method. What am I missing here?

{"remote_ip":"143.204.215.7","remote_port":443,"url":"SOMEURL/api/v4/SOMETHING/0FADB876-21B8-4AF3-8816E2D64B9F7AD7/","status":401,"status_text":"401 Unauthorized","proto":"HTTP/2.0","headers":{"Server":"nginx","X-Amz-Cf-Id":"UCYogrXHQqeN0bvkgk4xrXPyly3Es52TO0Ik7SaSCTvqiUMTcsp-ng==","Content-Length":"24","Cache-Control":"no-cache, no-store, must-revalidate","X-Frame-Options":"SAMEORIGIN","X-Cache":"Error from cloudfront","X-Amz-Cf-Pop":"FRA53-C1","Date":"Tue, 15 Nov 2022 10:05:58 GMT","X-Api-Correlation-Id":"b6a563d1-edc2-8f12-d887-9114e70c5e98","Set-Cookie":"DEFAULTLOCALE=en_US;Path=/","Via":"1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)","Content-Type":"text/plain;charset=UTF-8"},"cookies":{"DEFAULTLOCALE":[{"name":"DEFAULTLOCALE","value":"en_US","domain":"","path":"/","http_only":false,"secure":false,"max_age":0,"expires":-6795364578871}]},"body":"Invalid or expired token","timings":{"duration":113.792,"blocked":0,"looking_up":0,"connecting":0,"tls_handshaking":0,"sending":0.283,"waiting":113.342,"receiving":0.167},"tls_version":"tls1.3","tls_cipher_suite":"TLS_AES_128_GCM_SHA256","ocsp":{"produced_at":0,"this_update":0,"next_update":0,"revoked_at":0,"revocation_reason":"","status":"unknown"},"error":"","error_code":1401,"request":{"method":"DELETE","url":"SOMEURL/api/v4/SOMETHING/0FADB876-21B8-4AF3-8816E2D64B9F7AD7/","headers":{"Content-Type":["application/x-www-form-urlencoded"],"User-Agent":["k6/0.38.1 (https://k6.io/)"]},"body":"Authorization=Bearer+eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IlFHSTF0Ykc5WWd1NmZQZEYvR25reTVHVkl3NHBKYzkrTGtZOFJja21SbzQ9In0.eyJjbGllbnRfaWQiOiJhYjc0YTQ0Ny03MGI2LTRjZGEtYjBhMS01NmY4OWU4Y2U3OGQiLCJhY2NvdW50X2lkIjoiOWNhZjgxZDAtZDcxNS00MWU1LTllY2EtOGU1ZjY2NTg2NmJmIiwidXNlcl9pZCI6IkRCMzkyQkI1LUExREYtNDEwMS1BMTAxM0I3NTVBMTE4QTMzIiwicHJvZmlsZV9pZCI6ImIwMzJiMTE2LWE2ZDgtNGUzZi1iNTQzLTQyM2FmYTBjNGU5OSIsImdyb3VwX2lkcyI6W10sImFwcF9jb2RlcyI6WyJJQiJdLCJzY29wZXMiOlsib2ZmbGluZSIsImFzc2V0OnJlYWQiLCJhc3NldDp3cml0ZSIsImFzc2V0LnVzYWdlOnJlYWQiLCJhc3NldC51c2FnZTp3cml0ZSIsImNvbGxlY3Rpb246cmVhZCIsImNvbGxlY3Rpb246d3JpdGUiLCJtZXRhLmFzc2V0YmFuazpyZWFkIiwibWV0YS5hc3NldGJhbms6d3JpdGUiLCJjdXJyZW50LnVzZXI6cmVhZCIsImN1cnJlbnQucHJvZmlsZTpyZWFkIiwiYWRtaW4ucHJvZmlsZTpyZWFkIiwiYWRtaW4udXNlcjpyZWFkIiwiYWRtaW4udXNlcjp3cml0ZSIsImFuYWx5dGljcy5hcGk6cmVhZCJdLCJtb2R1bGVfcGVybWlzc2lvbnMiOlsiYXNzZXRfYmFuay5hc3NldC5lZGl0IiwiYXNzZXRfYmFuay5hc3NldC5jcmVhdGUiLCJhc3NldF9iYW5rLmFzc2V0LmRlbGV0ZSIsImFzc2V0X2JhbmsuYXNzZXQucHVibGlzaCIsImFzc2V0X2JhbmsuaGFuZGxlci5zdGF0aXN0aWNzIiwiYXNzZXRfYmFuay5jb2xsZWN0aW9uLmNyZWF0ZSIsImFzc2V0X2JhbmsuY29sbGVjdGlvbi5wdWJsaXNoIiwiYXNzZXRfYmFuay5hc3NldC5zaGFyZSIsImFzc2V0X2JhbmsubWV0YV9wcm9wZXJ0eS5tYW5hZ2UiLCJhc3NldF9iYW5rLnByb2ZpbGUubWFuYWdlIiwiYXNzZXRfYmFuay51c2VyLm1hbmFnZSJdLCJpYXQiOjE2Njg1MDU5NTgsImV4cCI6MTY2ODUwOTU1OCwiYXVkIjoiYWI3NGE0NDctNzBiNi00Y2RhLWIwYTEtNTZmODllOGNlNzhkIiwiaXNzIjoiQnluZGVyX19zdGFnZS1nbG9iYWxfX2J5bmRlci1hdXRoZW50aWNhdGlvbiIsImp0aSI6IlFHSTF0Ykc5WWd1NmZQZEYvR25reTVHVkl3NHBKYzkrTGtZOFJja21SbzQ9In0.n4yVW4s0exMroxQyhMzYUn9DiQYpTQy99trXTbvzgbuPDJeg8HLEFL7H-UIblr15XbuaNtELG52QtB2Zx7PyRat8NkGEkGl8ps_8qeJ7Pm99fpOj_ZjGR3DnvrHXPpuDhae5ZhDIr0XfTn1ToQCuNuJ_3RzYIOdcDfDSWWwGlVHFsXSGZ7kffbMzfWqFZpOjkGgxvyN3Gj7qqEr2DWDcp33PM__I0zcZdf4A6UVOZn4CpyShE8Fz4ond5N4v5knFH6gw6V-z7tQ7H7F2YOSIp5E2IPD8JUHmPz2Rpqg4Kk0q58a8ygAxmxt28R2ZmuuAFGGKqmDnMyaXjqqb1VMnLg\u0026Cookie=DEFAULTLOCALE%3Den_US","cookies":{}}}

Thanks in advance!
3

Hmm can you try to send this request, from both k6 and the other tools, to something like https://httpbin.org/anything or https://httpbin.test.k6.io/anything ?

You can then compare the responses from both and maybe figure out what the problem is. If the requests are basically, identical it could be some weird filtering/firewall in the way (I see some cloudfront mentions in the response headers), e.g. something that doesn’t like k6’s user-agent :person_shrugging:

4

Actually, I just noticed that in the http.request() example, you are sending the params as the request body`, they need to be the 4th argument, see request( method, url, [body], [params] )

1 Like
5

Hi @ned

Thanks for your reply.
That last message was spot on. It works now :slight_smile:

This made my day!

1 Like