stackoom
  简体   繁体   中英

Python Bottle rest headers not working with underscore

 原文  2017-02-20 13:33:26       python/ rest/ mod-wsgi/ bottle/ request-headers

Question

I am facing issues for rest headers with underscore, not getting the rest headers value while i am printing them.

Did someone have any idea of how I could make this work ?

Thanks!

1 answers

solution1
 0  2017-02-20 19:34:42

You shouldn't use underscores in header names, use only dashes as separators.

Mainstream web servers such as Apache and nginx, plus some Python WSGI servers/frameworks will throw away headers with underscores to avoid header spoofing.

Imagine you have a header: 

My-Header: value

This in CGI/WSGI gets converted to variable: 

HTTP_MY_HEADER: value

when passed to application.

The problem is that a header: 

My_Header: value

also maps to the same.

The danger here is that a client could use one, and something between such as a proxy could deliberately set the other to try and take precedence, overwriting the original when the server/application processes it.

As this is a potential security issue, servers are only allowing headers with alphanumerics and dashes to pass through now and anything else is discarded.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Python Bottle <br /> not working? Python Microframework Bottle not working Python string encode not working for rest api headers Bottle (python): post decorator is not working python bottle persistent cookie not working Python Logging in Bottle not working in route JQuery function not working with Python's Bottle Localhost not working while using bottle python Python bottle / not working, redirected to router error page Error 404 - Getting Stylesheet Working in Bottle (Python Webframework)
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM