2

I'm not a ruby or rails programmer, but I'm tasked with reverse engineering an API for an RoR app. My HTTP POST requests are failing a validation check, where this line is supposed to provide a specific piece of data:

value = @_request.env['HTTP_X_MY_TOKEN'];

From what little experience I have and searching I've done, it appears to be looking for an HTTP request header MY_TOKEN but I'm unsure if that's the case.

My current HTTP request looks like this:

POST /myapp HTTP/1.1
Host: website.com:80
Content-Type: application/json
Content-Length: 12 

my post data

If that is the case, can I simply add it to my HTTP post request headers as follows:

POST /myapp HTTP/1.1
Host: website.com:80
Content-Type: application/json
MY_TOKEN: sometokentext
Content-Length: 12 

my post data

If not, how do I fill this value during my HTTP POST request?

Adam Davis
  • 91,931
  • 60
  • 264
  • 330
  • you 'll have to provide some more code from your controller. Also, what validation check fails and with what message? – xlembouras May 23 '14 at 04:14

1 Answers1

1

Sending X-MY-TOKEN should do the trick.

As a side note, prepending custom headers with X- is no longer recommended and deprecated according to RFC-6648:

Custom HTTP headers : naming conventions

Community
  • 1
  • 1
Martin Konecny
  • 57,827
  • 19
  • 139
  • 159
  • That worked, thanks! I'll keep the custom header deprecation in mind as the app evolves. I don't know why they're putting this particular info in the header anyway, at the moment this request is actually using header, the URL (GET) and the POST to convey information to the app. I don't see the point, but I'm sure someone thought it was a good idea at the time... – Adam Davis May 23 '14 at 04:30