Make sure you set your content type to application/json otherwise it will be rejected to prevent certain types of cross site security attacks.