Jquery Ajax headers change header key

Asked Aug 04 '21 at 15:32

Active Aug 04 '21 at 15:49

Viewed 15 times

In an old project using jQuery, I pass a header, but the header received bask side has a different name (a different key).

Front, js side:

options.headers['X-CSRF-TOKEN'] = CSRFToken;

Back, php side

$servers = array();
foreach ($_SERVER as $k=>$v) {
  if (strpos(strtolower($k), 'csrf')) {
    $servers[] = "$k: $v";
  }
}
var_dump($servers);

Is actually printing

HTTP_X_CSRF_TOKEN: ARandomTokenWeDontCareAbout

Yes, I'm quite sure that this headers is passed at this point, if I remove the js part, HTTP_... disappear.

Is it normal, can I avoid this behaviour, should I deal with it ?

Jquery 2.2, PHP 7.4

edited Aug 04 '21 at 15:49

asked Aug 04 '21 at 15:32

mmeisson

What do you mean "I don't receive as-is"? Is `ARandomTokenWeDontCareAbout` different from `CSFFToken`? – Barmar Aug 04 '21 at 15:44
@Barmar Check header key, not value. I give a header named 'X-CSRF-TOKEN', I receive a header named 'HTTP_X_CSRF_TOKEN'. Didn't look at the content which should be good – mmeisson Aug 04 '21 at 15:48
PHP translates all the `-` to `_` when creating the `$_SERVER` key. – Barmar Aug 04 '21 at 15:49

0 Answers0