POST to an endpoint and then use the X-HTTP-Method-Override header to swap the POST to another verb like so per this example:
POST /drive/items/{item-id} HTTP/1.1
Host: api.onedrive.com
X-HTTP-Method-Override: DELETE
This has a how to on blocking specific headers to remove this as a security hole.
No comments:
Post a Comment