6

My Flask program receives the following request with some data after the #:

https://som.thing.com/callback#data1=XXX&data2=YYY&data3=...

And I need to read the data1 parameter, but this doesn't seem to work:

@app.route("/callback")
def get_data():
    data = request.args.get("data1")
    print(data)
davidism
  • 121,510
  • 29
  • 395
  • 339
ntbt
  • 63
  • 1
  • 3

1 Answers1

10

The hash of the URL (everything after the #) is never sent to the server, the browser will strip it away, keeping that part of the URL completely client-side. According to Wikipedia:

The fragment identifier functions differently to the rest of the URI: its processing is exclusively client-side with no participation from the web server, [...]. When an agent (such as a Web browser) requests a web resource from a Web server, the agent sends the URI to the server, but does not send the fragment.

This means there's no way to retrieve it on the backend, no matter which framework you use, as none of them will ever receive that piece of data.

You need to use query parameters instead, so your URL should look like this:

https://foo.com/bar?data1=ABC&data2=XYZ

And in this case, you will be able to access them using request.args:

from flask import request

@app.route('/bar')
def bar():
    page = request.args.get('data1', default = '', type = str)
    filter = request.args.get('data2', default = 0, type = int)
Danziger
  • 19,628
  • 4
  • 53
  • 83
  • 2
    I get this request in the process of an oauth2 registration and can therefore not change the URL. How am I supposed to get the interesting part? – ntbt Dec 01 '18 at 17:29
  • 2
    @ntbt Take a look at this: https://stackapps.com/questions/7339/implicit-oauth-flow-puts-the-access-token-in-the-hash – Danziger Dec 01 '18 at 17:51
  • I was owning the backend piece, so I've replaced my url requests from `#` to `%23` – user1767754 Sep 28 '20 at 19:54