Dgraph should return 404 on non-existent API paths

Report a Dgraph Bug

This path returns status 200 http://localhost:8080/admin/test but it doesn’t exist.

What version of Dgraph are you using?


Have you tried reproducing the issue with the latest release?


Using fetch you can see details

Response {
  _bodySource: ReadableStream { locked: false },
  _stream: null,
  url: "http://localhost:8080/admin/test",
  statusText: "OK",
  status: 200,
  headers: Headers { date: Thu, 20 Aug 2020 02:47:13 GMT, content-length: 80, content-type: text/plain; charset=utf-8 },
  redirected: false,
  type: "default"

It should be denied as it is a false positive. It took time for me to understand what was happening in a typo - It was a typo, but I didn’t notice cuz the response was a false positive. I saw an “internal error 500” or a long period of loading. But the issue was that Dgraph is setting any path at :8080/ as a valid one.

On Insomnia there is also a false positive, but it returns a text in the response. That response doesn’t come in other tools.


Fixed in fix: Return 404 status on non-existent API calls by vmrajas · Pull Request #6296 · dgraph-io/dgraph · GitHub

1 Like