0

I have a URL like below https://127.0.0.1:8000/method/?param1=param1#param2=param2&param3=param3

How can I get the value of param2 and param3 from the above. I can read the param1 value using request.GET.get('param1') When I read the param2 it is coming as None.

Suresh
  • 43
  • 7
  • 4
    why would you do that? this is not in accordance to any standard I'm aware of. Why not use `&`? `#` is used for anchoring – DeepSpace Jan 27 '20 at 09:43
  • Does this answer your question? [How to access url hash/fragment from a Django Request object](https://stackoverflow.com/questions/2181186/how-to-access-url-hash-fragment-from-a-django-request-object) – JPG Jan 27 '20 at 10:13
  • Yes, but it's a callback url , where the third party will redirect to this url by passing some data. At that time they are appending # and passing the data – Suresh Jan 27 '20 at 11:11
  • Is it possible to read that? – Suresh Jan 27 '20 at 11:12
  • @Suresh not, it's not. As I previously explained `#` is used for anchoring. The client does not pass anything after it to the server (see my answer for a proof). Use `&` – DeepSpace Jan 27 '20 at 12:54
  • Its a server to server request. – Suresh Jan 28 '20 at 07:04

1 Answers1

0

This can't be done, not easily at least, as it goes against at least one major standard in which # is used for anchoring, and anything after it is not even being sent to the server.

When an agent (such as a web browser) requests a web resource from a web server, the agent sends the URI to the server, but does not send the fragment

from https://en.wikipedia.org/wiki/Fragment_identifier

Example:

λ python -m http.server &
λ curl "localhost:8000/?param1=param1#param2=param2&param3=param3"
127.0.0.1 - - [27/Jan/2020 15:00:32] "GET /?param1=param1 HTTP/1.1" 200 -
#                                                     ^ nothing after # is seen by the server

You have to use & to separate URL parameters.

DeepSpace
  • 78,697
  • 11
  • 109
  • 154
  • This is true. Browsers do not send the anchors to the server. But `django` *CAN* be configured to accept `#`s in the url, I believe. – nima Jan 27 '20 at 13:03
  • @nima how would Django receive data the client does not even send it? – DeepSpace Jan 27 '20 at 13:55
  • If you read comments in OP, you can see that this endpoint is going to be used as a callback url. So the client is *not* a browser and maybe the third-party mentioned by @Suresh will send those info nonetheless. – nima Jan 27 '20 at 14:08
  • @nima Python's `requests` is also not a browser and it does not pass anything after `#` to the server as well. OP can reinvent their own client/protocol that does, but I don't see how this will be better/easier than doing what everyone else on earth is doing, which is using `&` which literally works out-of-the-box – DeepSpace Jan 27 '20 at 14:12
  • I definitely agree with you on this matter. But there might be situations that there is nothing you can do and third-parties might not comply with the standards and do unusual things like this. – nima Jan 27 '20 at 14:33
  • Currently, I am working on the Open Banking implementation. And Hashbang # is the OB Standards draft https://openbanking.atlassian.net/wiki/spaces/DZ/pages/68550784/Open+Banking+Security+Profile+-+Implementer+s+Draft+v1.1.1 After the PSU has consented directly with the ASPSP via their web application (and confirmed the Debtor account) the ASPSP validates the Authorization request and generates an Auth Code and ID Token HTTP/1.1 302 Found Location: https://api.mytpp.com/cb# code=SplxlOBeZQQYbYS6WxSbIA &id_token=eyJ0 – Suresh Jan 28 '20 at 07:03