diff options
Diffstat (limited to 'docs/reference/api-conventions.asciidoc')
-rw-r--r-- | docs/reference/api-conventions.asciidoc | 24 |
1 files changed, 22 insertions, 2 deletions
diff --git a/docs/reference/api-conventions.asciidoc b/docs/reference/api-conventions.asciidoc index 712a7969a0..7e8ed1c1c8 100644 --- a/docs/reference/api-conventions.asciidoc +++ b/docs/reference/api-conventions.asciidoc @@ -670,7 +670,27 @@ The response looks like: For libraries that don't accept a request body for non-POST requests, you can pass the request body as the `source` query string parameter -instead. +instead. When using this method, the `source_content_type` parameter +should also be passed with a media type value that indicates the format +of the source, such as `application/json`. + +[float] +=== Content-Type auto-detection + +deprecated[5.3.0, Provide the proper Content-Type header] + +The content sent in a request body or using the `source` query string +parameter is inspected to automatically determine the content type +(JSON, YAML, SMILE, or CBOR). + +A strict mode can be enabled which disables auto-detection and requires +that all requests with a body have a Content-Type header that maps to +a supported format. To enabled this strict mode, add the following +setting to the `elasticsearch.yml` file: + + http.content_type.required: true + +The default value is `false`. [[url-access-control]] == URL-based access control @@ -682,7 +702,7 @@ the choice of specifying an index in the URL and on each individual request within the request body. This can make URL-based access control challenging. To prevent the user from overriding the index which has been specified in the -URL, add this setting to the `config.yml` file: +URL, add this setting to the `elasticsearch.yml` file: rest.action.multi.allow_explicit_index: false |