4 months ago
Hi! I am trying to do an HTTP Request GET with JSON Body.
The API I'm trying to call is setup to receive GET with Body
Endpoint: xxx
JSON Raw:
{
"token": "XXX"
}However, everytime I try, it seems Railway is enforcing HTTP standards of not having any body.
TypeError: Request with GET/HEAD method cannot have body.
It's very sensitive data so I shouldn't use POST. Is there any way to overcome this?
14 Replies
4 months ago
Hey there! We've found the following might help you get unblocked faster:
If you find the answer from one of these, please let us know by solving the thread!
4 months ago
you can't, use a POST instead of a GET
ps. POST is more secure the GET, as GET can be cached while POST not, so for sensitive thing you should use POST
samgordon
This shouldn't be Railway. What web framework are you using?
4 months ago
I'm using node.js with Express.js framework.
What I'm doing:
I have a Zap that is timing out when using code by zapier. It has a limit of 30seconds.
I'm using Railway to host the step, so that I can just do a webhook and get the data I want.
When I build it locally, GET with Body works very fine but as soon as I deploy it on Railway, it breaks.
4 months ago
Have you considered using a POST or PUT for this? As fra said using GET is not correct, though it shouldn't be explicitly blocked.
samgordon
Have you considered using a POST or PUT for this? As fra said using GET is not correct, though it shouldn't be explicitly blocked.
4 months ago
Yes, POT with only the token works but I've been strictly instructed to use GET by the Dev.
Thank you for your input
fra
you can't, use a POST instead of a GETps. POST is more secure the GET, as GET can be cached while POST not, so for sensitive thing you should use POST
4 months ago
Yes, that was the only thing that worked but I've been instructed by the DEV to use GET strictly.
thank you for your input!
kikala5
Yes, that was the only thing that worked but I've been instructed by the DEV to use GET strictly.thank you for your input!
4 months ago
Which developer?
I did some minimal research and found that using GET with a body is highly discouraged.
kikala5
Yes, that was the only thing that worked but I've been instructed by the DEV to use GET strictly.thank you for your input!
4 months ago
if you need to use GET you can send it only in the query string, so something like site.com?token=XXX not as json
4 months ago
Even better, but I suppose it depends on the API on the other side...
4 months ago
If Railway is stripping the body and enforcing standards, there is nothing that you can do to bypass that.
I suggest doing query params, ?token=<thetoken> or a header x-api-keyAuthorization etc.
4 months ago
Write a proxy service (in Node/Express, Python/Flask, etc.).
The proxy uses a raw socket or library that does allow GET+body (
http.request,requests) to talk to the target API.
Deploy that proxy somewhere you control (Railway, Fly.io, VPS, even locally).
All your production traffic goes:
Client → Proxy (safe request) → Target API (GET with body)
This way:
Railway never blocks you (because your app just does normal requests).
The proxy forces the weird GET+body.
You isolate the non-standard hack to one controlled service.
abbasmir12
Write a proxy service (in Node/Express, Python/Flask, etc.).The proxy uses a raw socket or library that does allow GET+body (http.request, requests) to talk to the target API.Deploy that proxy somewhere you control (Railway, Fly.io, VPS, even locally).All your production traffic goes:Client → Proxy (safe request) → Target API (GET with body)This way:Railway never blocks you (because your app just does normal requests).The proxy forces the weird GET+body.You isolate the non-standard hack to one controlled service.
4 months ago
That's a brilliant idea, thank you!
Status changed to Solved noahd • 4 months ago