0

I have a curl request as:

curl --location --request POST 'http://127.0.0.1:8000/hit_api/' \
--header 'x-access-token: xxxx' \
--header 'HTTP_APP: "abcd123"'

Now I want to obtain the string: abcd123 from the HTTP_APP param inserted by the requester.

I tried with:

print(request.META)
    
if "HTTP_APP" not in request.META:

   return JsonResponse({
     'success': False,
     'message': 'HTTP_APP not found in Headers'
   })

And I get only the above JsonResponse because it's not printing the HTTP_APP from the headers.

request.META output:

{'TMPDIR': '/var/folders/07//T/', 'XPC_FLAGS': '0x0', 'TERM_PROGRAM_VERSION': '433', 'TERM_PROGRAM': 'Apple_Terminal', 'XPC_SERVICE_NAME': '0', 'TERM_SESSION_ID': '63385300-42FE-4D88-862B-6A55FD4FE263', 'TERM': 'xterm-256color', '
SSH_AUTH_SOCK': '/private/tmp/com.apple.launchd.bLmUMoeIe0/Listeners', 'SHELL': '/bin/zsh', 'HOME': '/Users/servify', 'LOGNAME': '', 'USER': '', 'PATH': '/Users/servify/Desktop/virtualenvs/crackdenv/bin:/Library/Frameworks/Python.framework/Versions/3.6/bin:/Library/Frameworks/Python.framework/Versions/3.7/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin', 'SHLVL': '1', 'PWD': '/Users/servify/Desktop/crackd-api', 'OLDPWD': '/Users/Desktop/virtualenvs', 'VIRTUAL_ENV': '/Users/servify/Desktop/virtualenvs/abcenv, 'PS1': '(crackdenv) %n@%m %1~ %# ', 'ABC_ENV': 'development', 'LC_CTYPE': 'UTF-8', '
_': '/Users/servify/Desktop/virtualenvs/abcenv/bin/python', '__CF_USER_TEXT_ENCODING': '0x1F6:0x0:0x0', '__PYVENV_LAUNCHER__': '/Users/Desktop/virtualenvs/crackdenv/bin/python', 'DJANGO_SETTINGS_MODULE': 'server.settings', 'TZ': 'UTC', 'RUN_MAIN': 'true', 'SERVER_NAME': '1.0.0.127.in-addr.arpa', 'GATEWAY_INTERFACE': 'CGI/1.1', 'SERVER_PORT': '8000', 'REMOTE_HOST': '', 'CONTENT_LENGTH': '0', 'SCRIPT_NAME': '', 'SERVER_PROTOCOL': 'HTTP/1.1', 'SERVER_SOFTWARE': 'WSGIServer/0.2', 'REQUEST_METHOD': 'POST', 'PATH_INFO': '/get_config/', 'QUERY_STRING': '', 'REMOTE_ADDR': '127.0.0.1', 
'CONTENT_TYPE': 'text/plain', 'HTTP_X_ACCESS_TOKEN': '', 'HTTP_USER_AGENT': 'PostmanRuntime/7.26.1', 'HTTP_ACCEPT': '*/*', 'HTTP_POSTMAN_TOKEN': '', 'HTTP_HOST': '127.0.0.1:8000', 'HTTP_ACCEPT_ENCODING': 'gzip, deflate, br', 'HTTP_CONNECTION': 'keep-alive', 'wsgi.input': <_io.BufferedReader name=11>, 'wsgi.errors': <_io.TextIOWrapper name='<stderr>' mode='w' encoding='UTF-8'>, 'wsgi.version': (1, 0), 'wsgi.run_once': False, 'wsgi.url_scheme': 'http', 'wsgi.multithread': True, 'wsgi.multiprocess': False, 'wsgi.file_wrapper': <class 'wsgiref.util.FileWrapper'>}

I'm using Django 2.1.2 so cannot use request.headers as per the documentation: https://docs.djangoproject.com/en/3.0/ref/request-response/#attributes

Can someone please guide me on how to get the custom header parameter?

Thanks

Improve this question
4
  • what is the output of print(request.META)? Commented Jun 26, 2020 at 16:24
  • perhaps your curl command is wrong. I can see a dangling single quote. Commented Jun 26, 2020 at 16:28
  • @RonieMartinez - edited the curl. Isn't an issue anyways. @MoosaSaadat - Edited the body to show META contents Commented Jun 26, 2020 at 16:52
  • request.META should contain all HTTP headers. If the abcd123 is not there then your client request that is made is not valid. Commented Jun 27, 2020 at 3:49

1 Answer 1

Reset to default
4

If you are using django-cors-headers library, you have to first allow custom headers, otherwise they will be neglected. Add this to your settings file

from corsheaders.defaults import default_headers
CORS_ALLOW_HEADERS = list(default_headers) + [
    'X-AUTHORIZATION-KEY',  # whatever your header name is add here(without prefixing HTTP)
]

And also as documented here - https://docs.djangoproject.com/en/2.1/ref/request-response/#django.http.HttpRequest.META

With the exception of CONTENT_LENGTH and CONTENT_TYPE, as given above, any HTTP headers in the request are converted to META keys by converting all characters to uppercase, replacing any hyphens with underscores and adding an HTTP_ prefix to the name. So, for example, a header called X-Bender would be mapped to the META key HTTP_X_BENDER.

Assuming your header name is 'X-AUTHORIZATION-KEY', you will send only 'X-AUTHORIZATION-KEY' from curl/postman request and in your django code check for request_meta.get('HTTP_X_AUTHORIZATION_KEY')

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Worked. Thanks! I also added corsheaders in INSTALLED_APPS, and 'corsheaders.middleware.CorsMiddleware', in MIDDLEWARE and it worked while using postman. :)

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.