9

I've a simple Python Flask application, which is being served by Apache via mod_wsgi.

The part of my application which works perfectly on my localhost, but does not work through mod_wsgi is the accessing of custom request headers.

When I request a certain web page, I pass it a header called auth_user. On my localhost, I am able to access this header as: request.headers["auth_user"], which works great. However when served through Apache and mod_wsgi, this custom header does not exist! Printing all request.headers shows that the standard Content-Type, Cache-Control headers are sent, but not the auth_user header which i've been sending to my localhost with no problem.

Tcpdump shows that the server is receiving the header, but it is not available in my request.headers.

Does anyone have any idea why this header is not being made available within the app?

Improve this question

3 Answers 3

Reset to default
12

Well this one took me many hours...

Turns out that only alphanumeric characters or '-' are allowed.

Any headers not conforming these will be ignored.

http://modwsgi.readthedocs.org/en/latest/release-notes/version-4.3.0.html <- Bug fixes, point 2.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

2

Ensure your Apache configuration has the WSGIPassAuthorization directive set to 'On' so your headers get past Apache + WSGI and to your Flask app.

Improve this answer

Comments

1

The solution is to set the claim prefix to something without _ like

OIDCClaimPrefix OIDC-CLAIM-
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.