Python 3 requests and the Header order

Question

I would like to do a request with a header in the exact same order I write it down. But with Burp I have figured out that no matter how I write it in code, it seems to order the header in another way by itself.

Here is my Header order:

headers = {
    'Host': 'localhost',
    'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:80.0) Gecko/20100101 Firefox/80.0',
    'Accept': 'application/json, text/plain, */*',
    'Accept-Language': 'de-DE',
    'Accept-Encoding': 'gzip, deflate',
    'Content-type': 'application/json',
    'Content-Length': '31',
    'Referer': 'https://localhost',
    'Connection': 'close',
    'Origin': 'https://localhost',
}

And this is the order in the request intercepted by Burp:

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:80.0) Gecko/20100101 Firefox/80.0
Accept-Encoding: gzip, deflate
Accept: application/json, text/plain, */*
Connection: close
Host: localhost
Accept-Language: de-DE
Content-type: application/json
Content-Length: 32
Referer: https://localhost
Origin: https://localhost

Versions and OS:

Windows 10 
python3 --version
Python 3.8.6rc1
pip freeze |findstr requests
requests==2.24.0

[This](https://stackoverflow.com/questions/17239952/python-http-request-with-controlled-ordering-of-http-headers) is a similar question. — Mooncrater, Sep 12 '20 at 13:34
yeah seems so but a headers = OrderedDict() doesnt change the order. — 0x89, Sep 12 '20 at 14:32
sorry I expressed myself wrong. The line of code does nothing. the order with and without is identical "Wrong" — 0x89, Sep 13 '20 at 07:55
Hmm weird. I'll need to experiment with your code to understand your problem. Will revert tomorrow. — Mooncrater, Sep 14 '20 at 14:07

score 0 · Answer 1 · answered Sep 16 '20 at 07:44

I found out that the best way is not with requests but with socks. There still seems to be a problem in the Requests Lib. I will register it as a github issue. Below I added my code about socks. Maybe it will help someone.

HOST = "XXX.com"
PORT = 443

payload = {"json":"data"}
Length = len(payload.encode())

headers = f"""\
POST / HTTP/1.1\r
Host: XXX.com\r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:80.0) Gecko/20100101 Firefox/80.0\r
Accept: application/json, text/plain, \r
Accept-Language: de-DE \r
Content-type: application/json \r
Content-Length: {Length} \r
Referer: XXX.com \r
Connection: close \r
Origin: XXX.com \r
\r\n"""

context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s_sock = context.wrap_socket(s, server_hostname=HOST)
s_sock.connect((HOST, PORT))
s_sock.send(headers.encode() + json.encode())

while True:
    data = s_sock.recv(2048)
    if ( len(data) < 1 ) :
        print(data.decode())
        break
s_sock.close()

Python 3 requests and the Header order

1 Answers1