I am facing an issue where, if I include ‘Timeout’ as a key name in my post message body then katalon studio returns 403 Forbidden error.
Here is the Message Body
And I get this in return from Katalon Studio
The same API works fine in my web application as well as when I try on Postman with same body message. Only Katalon studio fails this API.
did you check the same Manually ?
do a smoke testing manually and check you are getting the same result
@bharathi.a The same API works fine in my web application as well as when I try on Postman with same body message. Only Katalon studio fails this API.
show us the body of the call when you send it from browser or postman
notice timeout vs Timeout
Before it was timeout, then I just changed it to upper case but still it didn’t work.
so you have to study your api and compare the requests sent by one tool vs the other.
without access to your application it is hard to say, but definetly in katalon you send a malformed request
perhaps you are missing a certain header for auth, therefore 403
I did compare and everything is same.
1 thing which I tried is when I remove the timeout from the body then it reaches the API Server, add I get my expected error result. But when I include the timeout then katalon throws this error.
show to us also how you setup this request in katalon.
it is made by code or request objects?
Could Timeout be reserved by Katalon?
Maybe try myTimeout, just a guess.
@Dave_Evers Yes, it seems like it, when I change the timeout to myTimeout, the API request is sent I also receive the response, obviously an error response because my Model has timeout and not myTimeout. This seems to be a bug of Katalon Studio?
No, it is not katalon who returns 403 Forbidden error.
It is your target REST API service who returns the 403 Forbidden error.
So you should check your target REST API service why it responded the error.
We (guys in this forum) don’t know anything about your target REST API service. So you shouldn’t expect any good advices from us.
I don’t think so, in the end why Katalon should bother with what a request send in the body?
You have to inspect carefully the .har file generated in Katalon when you submit the request and compare the headers, url, body etc with what Postman or whatever other tool you use send succesfully.
403 can be received for a lot of reasons, missing or wrong parametters in URL, malformed endpoint, malformed body, missing or wrong header etc.
Without having access to all this data or to your API we cannot help much
One thing I know, the editor for Request Objects is not very user friendly so it is very easy to do mistakes.
@kazurayam @bionel Hello Guys, I don’t think so anything is wrong with the Request because I already mentioned that if I just change the key name to myTimeout instead of Timeout it works fine. It only returns 403 when the key word matched to Timeout. I know you don’t have the access to my API but you can just right Timeout in your body and see if you get the same error or not.
Hello All, I have changed my API’s model. Now, the key is abcTimeout. I update the body in Katalon studio to abcTimeout and the API works.
Couldn’t find any documentation from Katalon mentioning about this but in my experience, Timeout/timeout key is reserved by Katalon when used in Post body message.