Questions tagged [http-headers]
In the Hypertext Transfer Protocol (HTTP), HTTP header fields contain the operating parameters of an HTTP request or response. With the request or response line (first line of message), they form the message header.
http-headers
12,033
questions
0
votes
0
answers
4
views
How can I set the Secure and HttpOnly flags on cookies on Shopify?
I am working on a shopify website and i have been examining the security of it. I found several cookies without secure and HttpOnly flags set on them, they are not sensitive cookies but to have a ...
-3
votes
1
answer
31
views
"You didn't provide an API key. You need to provide your API key in an Authorization header using Bearer auth (i.e. Authorization: Bearer YOUR_KEY) [closed]
I WANT TO CREATE AN AI IMAGE GENERATOR USING OPENAI
HOW CAN I SOLVE THIS PROBLEM ??
const API_KEY = "KEY..."
const submitIcon = document.querySelector("#submit-icon")
const ...
0
votes
0
answers
60
views
Flutter Not Sending Headers to Django Rest Framwork
I'm facing an issue with my Flutter app where the headers I'm trying to send to my Django backend aren't being received.
When I use Postman to send a request to my Django endpoint, the headers are ...
-1
votes
1
answer
67
views
Removing Server header from IIS 10 for static content
How can I remove Server header for static content (e.g. javascript/css/images) that is server by ASP.NET Web Forms application that is hosted on IIS 10? I think I tried pretty much everything that I ...
0
votes
0
answers
18
views
Is it required to have a space after semicolon in HTTP-Header content-disposition?
A WAF we are using is blocking responses from our webserver because of "Malformed HTTP-Header".
I suspect it is because of a "content-disposition" header set by the spring ...
0
votes
0
answers
22
views
Authorization header not passing from backend in node.js
i'm creating a new api called "/protected/history/resume/usagedownloadcheck/:u_id" it is hitting fine but the authorization header is not passing.
response from interceptor:
HttpResponse {...
0
votes
0
answers
21
views
How do I configure NGINX to maintain the session when Java web app redirects to Microsoft for authentication?
We have a Java web application that uses security very similar to examples provided by Microsoft for authentication (Microsoft Authentication Library).
We use Payara Enterprise as our Java application ...
0
votes
1
answer
39
views
File download has no file extension using Content-Disposition
I'm working with PHP in the Symfony Framework (or at least some components of the Framework). I generate a QR-Code and now I want to download it for our design department. There are 2 problems ...
0
votes
0
answers
12
views
Droidscript HttpRequest - Unable to access Cookie value
I'm currently making an HTTP request using DroidScript, and I'm encountering some problems.
var headers = "Cookie=name=value"
http = app.HttpRequest("GET", http://localhost/, null,...
0
votes
1
answer
31
views
Retrieve raw HTTP headers in node.js http module
I'm trying to get the raw HTTP headers of an incoming request in the node.js HTTP module. I want to extract the request line:
GET / HTTP/1.1
However, there doesn't seem to be a way to do it.
I'm ...
0
votes
0
answers
18
views
HTTP Headers Empty BEFORE use
This is an Angular 17 project.
I am assigning headers to an object and as soon as I've done that, logged that object in the console. When I compare this to other uses of this code elsewhere in the ...
0
votes
0
answers
15
views
How to restrict access depending on the referer header using AWS Amplify
I have a web app that needs to be hosted using Amplify.
The content can only be accessed if the request header referer matches a regex.
How/where to set it up?
After deploying to amplify, I could not ...
-3
votes
0
answers
21
views
How to fix "headers already sent" [duplicate]
Warning: Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\website\login_register.html:1) in C:\xampp\htdocs\login.php on line 30
<?php
...
0
votes
1
answer
37
views
How to Securely and Efficiently Store a nonce Value in a Next.js Application?
I am developing a Next.js application that requires interacting with an external API. Each request to this API must include a unique nonce value that is provided by the API with each response. I need ...
0
votes
0
answers
24
views
Does the type-parameter in a multipart/related Accept-header need to be escaped?
I need to serve requests with headers
Accept: application/dicom+json
and/or
Accept: multipart/related; type="application/dicom+xml"
(dictated by Dicom QIDO-RS, for the curious ;))
While ...