[Bug]: POST to rest endpoint on https for stored proc returns a location header with insecure http scheme #3032
Description
What happened?
A bug happened!
Posting to a stored procedure endpoint returns a location header that doesn't match the request incoming scheme. This results in errors on clients that don't allow insecure redirects.
The returned scheme should match the incoming scheme
POST https://<url>-api-stgwe.yellowfield-2df9f307.westeurope.azurecontainerapps.io/rest/SessionVote
201
259 ms
POST /dataapi-stg/rest/SessionVote HTTP/1.1
Content-Type: application/json
Authorization: Bearer
User-Agent: PostmanRuntime/7.51.0
Accept: */*
Cache-Control: no-cache
Postman-Token: a2fadac6-067d-4a0b-8a5f-ba3b90d46ee8
Host: apim-sqlbits-api-management.azure-api.net
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Content-Length: 65
Cookie: acaAffinity="6ea9edfe43f98424"
{"SessionId":1232131,
"Email":"simon@asdsa.com",
"Vote":true
}
HTTP/1.1 201 Created
Content-Type: application/json; charset=utf-8
Date: Mon, 22 Dec 2025 16:32:18 GMT
Cache-Control: private
Location: http://<url>-api-stgwe.yellowfield-2df9f307.westeurope.azurecontainerapps.io/rest/SessionVote
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains
x-ms-middleware-request-id: 42421e73-1ba6-496f-8dd7-88beee5a0489
x-ms-correlation-id: 5f147408-1cb2-40e9-b406-7dcac4fae555
Request-Context: appId=cid-v1:2845ea60-a09f-4c5c-9500-47f887b00b3a
{"value":[{"SessionId":123131},{"SessionId":1231231},{"SessionId":1232131}]}
Version
1.6.84
What database are you using?
Azure SQL
What hosting model are you using?
Container Apps
Which API approach are you accessing DAB through?
REST
Relevant log output
Code of Conduct
- I agree to follow this project's Code of Conduct