ztgrace / changeme

A default credential scanner.
GNU General Public License v3.0

User agent header evaluation order corner case #70

Closed naglis closed 6 years ago

naglis commented 6 years ago

Hi,

while trying to add credentials for Odoo, I have stumbled upon a weird corner case with user agent headers.

Upon successful login, Odoo redirects the user to either a user given URL (unvalidated redirect :/) or base back-office URL, but the redirect method is different depending on the user agent.

I am using the redirect as an indicator for login success, and I need a constant user agent in order to get consistent results.

It turns out that changeme by default uses a random user agent from a predefined list.

I have tried setting the headers in the auth block, but it appears that the user agent is overwritten with the one selected by changeme afterwards, so, no luck :/

It works great if I pass my user agent via CLI parameters, however, this is not an optimal solution.

I have tried to change the order in which the headers are calculated, so that custom headers from the credentials file are applied afterwards, e.g.:

```python
# Apply changeme's chosen user agent first ...
self.headers.update(self.config.useragent)
# ... then let headers from the cred file's auth block override it
headers = self.cred['auth'].get('headers', dict())
if headers:
    for h in headers:
        self.headers.update(h)
```

and it seems to work great. However, I was not sure if the previous header evaluation order was intentional or not. Please let me know if you think the solution is suitable, and I'll gladly make a PR.

ztgrace commented 6 years ago

Hi @naglis,

Thanks for the bug report and I agree it's not behaving as expected. Here's how I think it should work:

  1. Pull in User-Agent header from the cred file
  2. If there was no User-Agent header in the cred file, grab a random one
  3. If the user specified the --useragent switch, force the User-Agent to the specified value

Please let me know if that would fix your use case.

Thanks, Zach
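The three-step precedence Zach describes (cred file first, random fallback, `--useragent` wins), written out as an added example that is not changeme's own code; the `DEFAULT_USER_AGENTS` list, the `resolve_headers` function and its `choose` parameter are assumptions for illustration:

```python
import random

# Constructed stand-in for changeme's predefined user-agent list (assumption).
DEFAULT_USER_AGENTS = [
    "Mozilla/5.0 (example-ua-1)",
    "Mozilla/5.0 (example-ua-2)",
]


def _find_key(headers, name):
    """Return the key in `headers` that matches `name` case-insensitively, or None.

    Cred files may spell the header 'user-agent' or 'User-Agent'; HTTP header
    names are case-insensitive, so both must count as 'already set'.
    """
    for k in headers:
        if k.lower() == name.lower():
            return k
    return None


def resolve_headers(cred_headers=None, cli_useragent=None, choose=random.choice):
    """Build the request headers for one credential attempt.

    cred_headers:  list of single-entry dicts, as in the 'headers' key of a
                   cred file's auth block (may be None).
    cli_useragent: value of the --useragent switch, or None if not given.
    choose:        picker used for the random fallback (injectable for tests).
    """
    headers = {}
    # 1. Pull in every header from the cred file, User-Agent included.
    for h in cred_headers or []:
        headers.update(h)
    # 2. No User-Agent in the cred file: fall back to a random one.
    if _find_key(headers, "User-Agent") is None:
        headers["User-Agent"] = choose(DEFAULT_USER_AGENTS)
    # 3. --useragent forces the value regardless of steps 1 and 2.
    if cli_useragent:
        existing = _find_key(headers, "User-Agent")
        if existing is not None:
            del headers[existing]
        headers["User-Agent"] = cli_useragent
    return headers
```

With a fixed User-Agent in the cred file, the Odoo redirect behaviour naglis relies on becomes deterministic without any CLI switch.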