According to the RFC, including the content-length header with a GET request is non compliant, and some services are starting to reject get requests that include a content-length header or are otherwise non-compliant.
The problem is the CI4 curlrequest class is including a content-length header automatically. Also setting the content-type to application/x-www-form-urlencoded which also seems wrong.
Edited to add that I added 'shareOptions' => false to the options and the behavior did not change.
Further edit: I am explicitly setting thr Content-Length and Content-Type to null and the behavior persists.
Link to the issue this causes with SP-API: https://developer-docs.amazon.com/sp-api/changelog/api-request-validation-for-400-errors-with-html-response
$params = [
'MarketplaceIds' => $this->objIntegration->Metadata->MarketplaceIds,
'FulfillmentChannels' => $this->objIntegration->Metadata->FulfillmentChannels,
'OrderStatuses' => $this->objIntegration->Metadata->OrderStatuses,
'LastUpdatedAfter' => date_format( $lastUpdateTime, "Y-m-d\TH:i:s" )
];
$headers = [
'x-amz-access-token' => $this->lwaToken,
'x-amz-date' => date_format( $requestTime, "Y-m-d\TH:i:s" ),
'user-agent' => $this->objIntegration->Metadata->application->user_agent,
'Content-Type' => null,
'Content-Length' => null
];
$options = [
'timeout' => 20
];
$curl = \Config\Services::curlrequest( $options );
$response = $curl->request( 'GET', $this->objIntegration->Metadata->Endpoint . $this->objIntegration->Metadata->GetOrdersPath,
[
'query' => $queryParams,
'headers' => $headers,
'debug' => WRITEPATH . '/logs/GetSPAIOrders_curl.log',
'delay' => $this->delay,
'http_errors' => false,
'shareOptions' => false
] );
Here is the log from the request
> GET /orders/v0/orders?
MarketplaceIds=
ATVPDKIKX0DER&FulfillmentChannels=AFN&OrderStatuses=Shipped&LastUpdatedAfter=2023-11-
20T17%3A55%3A02
HTTP/1.1
Host: sellingpartnerapi-na.amazon.com
Accept: */*
Content-Length: 540
Content-Type: application/x-www-form-urlencoded
x-amz-access-token: [redacted]
x-amz-date: 2023-11-20T18:30:02
* Mark bundle as not supporting multiuse
< HTTP/1.1 400 Bad Request
< Server: Server
< Date: Mon, 20 Nov 2023 18:30:02 GMT
< Content-Type: text/html
< Transfer-Encoding: chunked
< Connection: close
<
* Closing connection 0
How do I prevent Codeigniter from including these non-compliant headers other than rewrite the code using straight curl?
Edit: additional information: This seems to happen when I check the short term LWA token and make a POST call to get a new token. The curlrequest class seems to be storing the Content-Type and Content-Length from the POST call, and even though I'm explicitly setting shareOptions to false and setting those headers to null in the get request, it's still using these on the subsequent GET request.