apichallenges > solutions > options-todos-200
How to complete the challenge OPTIONS /todos (200)
We can use OPTIONS
request to identify the allowed verbs for an API End Point. This is useful to compare these with the Swagger/Open API documentation and also to check if the unlisted verbs are actually disallowed by the API.
OPTIONS /todos (200)
Issue an OPTIONS request on the
/todos
end point. You might want to manually check the 'Allow' header in the response is as expected.
OPTIONS
request will receive a response with no body, just headers if the provided end point exists i.e the/todos
end point- e.g.
OPTIONS /todos
to show the allowed verbs for thetodos
endpoint
- e.g.
200
is a success code, in this case it means the end point exists and theOPTIONS
verb is allowed- The body of the message is empty
- add the
X-CHALLENGER
header to track progress - the important header in the response is the
allow
header as this lists all the allowed verbs to use on the end point.
Basic Instructions
- Issue an
OPTIONS
request to end point "/todos"- if running locally that endpoint would be
https://apichallenges.eviltester.com/todos
- if running locally that endpoint would be
- The request should have an
X-CHALLENGER
header to track challenge completion - The response status code should be
200
when all the details are valid. - Check the
allow
header in the response has valid values
As a set of follow on exercises:
- try
OPTIONS
on a few other endpoints in the API and see if theallow
values are different. - Try to issue requests for each of the allowed verbs.
Example Request
> OPTIONS /todos HTTP/1.1
> Host: apichallenges.eviltester.com
> User-Agent: insomnia/2020.3.3
> X-CHALLENGER: x-challenger-guid
> Accept: */*
Example Response
< HTTP/1.1 200 OK
< Connection: close
< Date: Mon, 12 Apr 2021 09:41:34 GMT
< Allow: OPTIONS, GET, HEAD, POST
< Access-Control-Allow-Origin: *
< Access-Control-Allow-Headers: *
< X-Challenger: x-challenger-guid
< Content-Type: text/html;charset=utf-8
< Server: Jetty(9.4.z-SNAPSHOT)
< Via: 1.1 vegur
Overview Video