HTTP Headers Being Overwritten

Asked Feb 21 '19 at 18:32

Active Feb 21 '19 at 18:32

Viewed 285 times

I am writing a REST microservice using Flask and Connexion. I have a custom authentication scheme that I have developed where I add two custom headers to the HTTP request - "Authentication" a bearer token and "token" a JWT.

I can run successfully on a flask debug server on my local machine, but when I run it on my Apache web server the headers are modified. Specifically, the "Authorization" and "token" headers are missing when the request is received (i.e. in flask.request.headers) and "Token" is added. The rewritten headers look like:

Accept-Encoding: gzip, deflate
Accept: */*
Connection: keep-alive
Token: eyJ0eXAiOiJKV1QiLCJhbrmn8gOx0DE...
Alg: HS256

Curiously, if I change my custom headers to "X-Authorization" and "X-Token" they show up in the received header (along with the added "Token" header.)

Any clues on why my custom headers are being overwritten?

Thanks!!!

asked Feb 21 '19 at 18:32

Len Wanger

See https://stackoverflow.com/questions/26549250/apache-strips-down-authorization-header – vimalloc Feb 21 '19 at 22:28
That was it.... thank you! – Len Wanger Feb 21 '19 at 23:50

HTTP Headers Being Overwritten

0 Answers0