Error 1501 when trying to amend HSTS security settings

alessandro_bigi · August 24, 2022, 12:03pm

We are trying to amend the current settings for HSTS max value using Cloudflare api as documented here at api[dot]Cloudflare[dot]com[slash]#zone-settings-change-rocket-loader-setting

We can successfully read those settings using the GET endpoint, but when we try to patch them with the same exact payload shown in the docs, we get back this error

{
“result”: {
“id”: “security_header”,
“modified_on”: “2022-01-18T10:48:47.199837Z”,
“value”: {
“strict_transport_security”: {
“enabled”: true,
“max_age”: 14400,
“include_subdomains”: true,
“preload”: true,
“nosniff”: true
}
},
“editable”: true
},
“success”: true,
“errors”: ,
“messages”:
}

essentially the issue is the same reported here in another community topic (hsts-configuration-1051-error, topic id 131051)

unfortunately the topic seems still unanswered
any help would be greatly appreciated

thanks

alessandro_bigi · August 25, 2022, 8:45am

We were eventually able to figure out what we were doing wrong. the payload must carry a value parameter

before we were passing

{ “strict_transport_security”: { specs… }

now

{ “value”:
{ “strict_transport_security”: { specs… }
}

all good now, but a more meaningful validation error would have saved us hours

system · August 28, 2022, 8:45am

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.