2

I have CloudFlare enabled on my website. I wrote a simple REST API to retrieve some data from my website's database. When doing a GET curl request, I can't retrieve the Authorization token. It only doesn't work when CloudFlare is enabled.

This is part of the PHP curl request which is a simple header.

CURLOPT_HTTPHEADER => array(
    "Authorization: Bearer $api_key",
    "Content-Type: application/json"
),

Why is CloudFlare blocking me from retrieving the Authorization token and how do I fix it?

grizzam527
  • 21
  • 1
  • Are you sure your website actually receives the http request at all? cloudflare might be blocking such curl requests which don't have certain headers, such as User-Agent.. for security protection. – Noldor Jun 28 '20 at 01:41
  • Hi @Noldor, I tested it on localhost and it receives the authorization header just fine. But, on the live site (with CloudFlare enabled) it receives everything except the authorization header. It appears to be some security thing. I can't figure out what needs to be set/changed to enable this. * it didn't change anything by adding a User-Agent header. – grizzam527 Jun 28 '20 at 01:53
  • hmm.. since it is a different web server env on cloudflare and your localhost; maybe something related to this topic: https://stackoverflow.com/questions/26475885/authorization-header-missing-in-php-post-request – Noldor Jun 28 '20 at 02:06
  • This doesn't seem to work either. This seems to be a weird CloudFlare specific thing. – grizzam527 Jun 28 '20 at 02:41

0 Answers0