getHeader is not working - Githubissues

zigzap / zap

blazingly fast backends in zig

MIT License

2.23k stars 75 forks source link

getHeader is not working #113

Closed Fyphen1223 closed 2 months ago

Fyphen1223 commented 3 months ago

r.getHeader always returns null, even though the request surely contains headers.

schwigri commented 3 months ago

I ran into this, try it with lowercase header names, like this:

if (r.getHeader("accept")) |accept_header| {
    std.debug.print("Accept: {s}\n", .{accept_header});
}

renerocksai commented 2 months ago

Please tell us more. Does it work with lowercase?

renerocksai commented 2 months ago

facil.io lowercases the headers. here is an excerpt from http1_parser.h:

#ifndef HTTP_HEADERS_LOWERCASE
/**
 * When defined, HTTP headers will be converted to lowercase and header
 * searches will be case sensitive.
 *
 * This is highly recommended, required by facil.io and helps with HTTP/2
 * compatibility.
 */
#define HTTP_HEADERS_LOWERCASE 1
#endif

Note that the #ifndef logic ensures that HTTP_HEADERS_LOWERCASE is always set.

This must be documented; I'll do that on master.

renerocksai commented 2 months ago

Please feel free to reopen if your problem seems unrelated to above-mentioned lower-casing.

Fyphen1223 commented 2 months ago

Sorry for not resopnding... Changing into lower-case didn't work for me.

renerocksai commented 2 months ago

OK, thanks for letting us know. Can you provide more info, maybe? Like, a dump of a curl -v command that shows the headers being sent and a code snippet?

Fyphen1223 commented 2 months ago

It works with other header names. I'm trying to get an Authorization header, but it doesn't work - most of the other headers work.

Fyphen1223 commented 2 months ago

I'm really not sure why only Authorization header does not work

renerocksai commented 2 months ago

There's a lot of authorization-related code in the auth endpoint. You can use that as example: http_auth.zig.

I vaguely remember that you have to be extra-careful with Authorization vs. Authentication in the headers. Like, with Basic auth, you want "Authentication", but with Bearer auth you want "Authorization". Client frameworks might mix those two, too. My code in http_auth is very strict in that regard. You could implement a more lax approach, scanning for either of the two fields. This is my current best guess.

Fyphen1223 commented 2 months ago

I'm definitely using the Authorization header and accepting the Authorization header. It just doesn't work.

renerocksai commented 2 months ago

You are not being helpful in getting to the bottom of this. I am using AuthEndpoint with Bearer Authorization for API auth and it always works. It just works.

Fyphen1223 commented 2 months ago

Ummm, okay... Then let me try it. But I'm currently not with my PC, so can I let you know after I try this?

renerocksai commented 2 months ago

Of course! I am currently on vacation with limited access to my laptop. I'm not in a hurry :-)

Fyphen1223 commented 2 months ago

Got it, thanks! Enjoy your vacation!

renerocksai commented 2 months ago

Any updates on this?