_redirect returns 500 Internal Server Error for only PUT and DELETE requests


I have successfully deployed my app and working fine : https://brave-euclid-b12d2c.netlify.com/

I have an API outside of Netlify and forwarding all api request via redirect configuration below

# The following redirect is intended for use with most SPAs that handle
# routing internally.
  from = "/api/*"
  to = "http://eduapphh.000webhostapp.com/api.php/:splat"
  status = 200

  from = "/test/*"
  to = "http://eduapphh.000webhostapp.com/test.php/:splat"
  status = 200

In the app, GET,POST requests are being forward to API and working perfectly but DELETE and PUT requests are not reaching to API server.

I have created /test endpoint for test purposes and API returns only request method of the request.

POST https://brave-euclid-b12d2c.netlify.com/test/1

GET https://brave-euclid-b12d2c.netlify.com/test/1

PUT https://brave-euclid-b12d2c.netlify.com/test/1
500Internal Server Error

DELETE https://brave-euclid-b12d2c.netlify.com/test/1
500Internal Server Error

On the API server, my .htaccess file is empty and nothing blocks PUT and DELETE requests

Should i do anything different?

Example request:
X-NF-Request-ID: d3b3bc98-102b-4f04-bf62-417d34e48a79-21594592


Hi Yavuz,

I do see an internal error on that request (thank you for including the screenshot of your x-nf-request-id!)

We’ll be able to work with the relevant dev team tomorrow to try to understand the error - I wouldn’t think you’re the first person to try PUT or DELETE over a proxy’d route, so I think that should work.

Should have some news to follow up with tomorrow!

Hi Chris,

Thank you for the update.
I have tried again. This time all my requests are being convert to GET request somehow.
Whether I send PUT, POST or DELETE request, i see only GET request on the other server side.

DELETE - https://brave-euclid-b12d2c.netlify.com/test/1

[REQUEST_URI] => /test.php/1
[SCRIPT_NAME] => /test.php
[PATH_INFO] => /1

X-NF-Request-ID: f430a356-f271-4d3c-a9ed-8c3afbc4a3bf-4604224


This is due to our migration described in this thread: Changes coming to Netlify site URLs

I think you should be able to call the function at https://brave-euclid-b12d2c.netlify.app/test/1 now and get identical results.

Our team is still investigating handling PUT/DELETE’s differently; we just reviewed with a senior developer a couple hours ago and he should have news for us tomorrow.

Hi Yavuz, seems your php page at the end of the proxy path does not return any body for PUT or DELETE requests, and this is in violation of the HTTP standard and is causing our proxying to fail to complete. Please make it return a body, and a proper Content-Length header for that body, and I think you’ll find things work better.

Hi Chris,

I realised that PUT and DELETE requests are block from the hosting company for the requests coming from outside. Thank you for your support. That helped a lot :slight_smile:


1 Like

I am getting the same issue.
X-NF-Request-ID: 80e62b91-3e17-41af-8f1a-1328e38e0a20-24323157

Hi, @pinchas. I’m showing the resource that request was proxied to didn’t respond with a valid HTTP response and therefore the proxied request returned a 500 response.

The error for the proxied resource was:

Error occurred while handling proxied request" error="[500] Failed to make proxied request: local error: tls: no renegotiation

I’ve also tested the resource directly using the same URL and HTTP verb which was GET (not PUT or DELETE). The result is the same type of error and there is no valid HTTP response:

$ curl -sv https://<REDACTED DOMAIN NAME>/api/user/authenticate
* Connected to <REDACTED DOMAIN NAME> (<REDACTED IP ADDRESS>) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/cert.pem
  CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server accepted to use h2
* Server certificate:
*  start date: Feb 27 00:00:00 2020 GMT
*  expire date: Feb 27 23:59:59 2022 GMT
*  subjectAltName: host "<REDACTED DOMAIN NAME>" matched cert's "*.<REDACTED APEX DOMAIN NAME>"
*  issuer: C=GB; ST=Greater Manchester; L=Salford; O=Sectigo Limited; CN=Sectigo RSA Domain Validation Secure Server CA
*  SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x7fec6d80f600)
> GET /api/user/authenticate HTTP/2
> User-Agent: curl/7.64.1
> Accept: */*
* Connection state changed (MAX_CONCURRENT_STREAMS == 100)!
* HTTP/2 stream 0 was not closed cleanly: HTTP_1_1_REQUIRED (err 13)
* Forcing HTTP/1.1 for NTLMstopped the pause stream!
* Connection #0 to host <REDACTED DOMAIN NAME> left intact
* Closing connection 0

This is the root cause of the 500 response for the proxied URL. If there are other questions or concerns, please let us know.

@luke Is there any more info in the error that can help us in debugging the issue? We can’t find anything wrong with our response. We can see that the request is happening correctly and comes into our application currently.
Also are there any limitations we should be aware of with the proxy?

Hi, @pinchas. I can reproduce the error with this:

$ curl -I https://< insert proxied domain name here>/api/user/authenticate
curl: (92) HTTP/2 stream 0 was not closed cleanly: HTTP_1_1_REQUIRED (err 13)

This will cause a 500 response with our proxy service because there is no HTTP response.

Replace the < insert proxied domain name here> with the domain name in the redirect rule (not the domain name for the Netlify site). For example, it would look like this:

curl -I https://api.example.com/api/user/authenticate

and not like this:

curl -I https://example.netlify.app/api/user/authenticate

If there are other questions, please let us know.