How to return location header url with protocol https?

Question

I have a secured webapp with a flask based Web and Celery containers that communicates via https.
The Web container receives a POST fetch, with https protocol, from the client, starts a background task, and returns a response that includes the url for the task status:

jsonify({}), 202, {'Location': url_for('create_zip_file_taskstatus', task_id=task.id)}

The client waits for the response and then gets the url for the task status:

let create_zipfile_status_url = response.headers.get('location');

The relative url of the location itself without the protocol is fine:

url_for('create_zip_file_taskstatus', task_id=task.id): /status/c4bc9e2c-6ecd-4bf3-bc25-782f8e4e66c6

But the full url has a protocol of http, which causes CORS errors.

create_zipfile_status_url: http://localhost/status/7aba0d27-712d-4623-a37e-5262b53fe212

How can I set the location header url to be with protocol https (instead of http)?

score 0 · Answer 1 · answered Feb 18 '20 at 06:35

I found the solution here. Needed to add _external=True, _scheme='https' i.e. change from

return jsonify({}), 202, {'Location': url_for('create_zip_file_taskstatus', task_id=task.id)}

to

return jsonify({}), 202, {'Location': url_for('create_zip_file_taskstatus', task_id=task.id, _external=True, _scheme='https')}

How to return location header url with protocol https?

1 Answers1