Posts posted by advaithm
-
-
Yes it works 🙂
Thank you so much ❤️
P.S. what caused the problem?
-
6 hours ago, Krydos said:
Try putting this in your .htaccess
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
So, I added it to the htaccess, but the output stays the same. Just sharing my whole .htaccess file for your reference:
flaskTEST/.htaccess
    RewriteEngine On
    RewriteBase /
    RewriteRule ^(flasktest\.wsgi/.*)$ - [L]
    RewriteRule ^(.*)$ flaskTEST/flasktest.wsgi/$1 [QSA,PT,L]
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
The directory I use is flaskTEST and the WSGI file is flaskTEST.wsgi
An interesting thing I noted is that the .htaccess rule made the header reachable to a PHP script, but not the WSGI.
The PHP script is this:
    <?php
    $headers = apache_request_headers();
    echo '<!DOCTYPE html><html><head><meta charset="utf-8"><title>test headers</title></head><body><ul>';
    echo "\n\n";
    foreach ($headers as $header => $value) {
        echo "<li>$header: $value </li>\n";
    }
    echo "</ul>\n";
    echo '</body></html>';
That script outputted the Authorization header:
    <!DOCTYPE html><html><head><meta charset="utf-8"><title>test headers</title></head><body><ul>

    <li>Another: header </li>
    <li>Accept: */* </li>
    <li>User-Agent: curl/8.0.1 </li>
    <li>Authorization: Basic c2FtcGxlOmhlYWRlcg== </li>
    <li>Host: amsdc.helioho.st </li>
    <li>Content-Length:  </li>
    <li>Content-Type:  </li>
    </ul>
    </body></html>
-
Username: advaithm
Server: Johnny
Main Domain: amsdc.helioho.st
---
The Authorization header is not getting forwarded to my Flask WSGI app.
Steps to reproduce:
- Follow these steps to create a Flask app. Note: username is now domain name.
- Replace the code in myapp.py with the following:

      from flask import Flask, request

      app = Flask(__name__)

      @app.route("/head/test/", methods=["GET"])
      def head_version():
          return str(request.headers)

      if __name__ == "__main__":
          app.run()

- Execute the following request in curl:
  - This will test HTTP Basic Auth:

        $ curl.exe -u test:password -H "Another: header" -i https://<domain>.helioho.st/flask/head/test/
        HTTP/1.1 200 OK
        Server: nginx
        Date: <THE DATE>
        Content-Type: text/html; charset=utf-8
        Content-Length: 176
        Connection: keep-alive
        X-Powered-By: PleskLin

        Host: <username>.helioho.st
        X-Real-Ip: <YOUR IP>
        X-Accel-Internal: /internal-nginx-static-location
        Connection: close
        User-Agent: curl/8.0.1
        Accept: */*
        Another: header

    Note that the Another header passed through, but there is no Authorization: Basic header.
  - The same example can be repeated with Authorization: Bearer for JWTs:

        curl.exe -H "Another: header" -H "Authorization: Bearer 1234" -i https://<DOMAIN>.helioho.st/flask/head/test/
        HTTP/1.1 200 OK
        Server: nginx
        Date: <TIME>
        Content-Type: text/html; charset=utf-8
        Content-Length: 176
        Connection: keep-alive
        X-Powered-By: PleskLin

        Host: <DOMAIN>.helioho.st
        X-Real-Ip: <YOUR IP>
        X-Accel-Internal: /internal-nginx-static-location
        Connection: close
        User-Agent: curl/8.0.1
        Accept: */*
        Another: header

    The same result occurs i.e. Authorization header is filtered.
I request the disabling of filtering of the Authorization header as my web application will not work without its passing through.
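As an added example (not part of the original posts and not HelioHost's code): a plain-WSGI debugging endpoint for the problem reported above. It reports whether the Authorization header arrived without echoing the credential, and restores it from `REDIRECT_HTTP_AUTHORIZATION`, the name Apache gives a mod_rewrite `E=` variable after an internal redirect. The two environ keys checked, and all function and class names, are assumptions of this sketch.

```python
# Added example: assumes the front end exposes the header under one of these
# two WSGI environ keys (the second is the post-redirect name of the E= variable).
AUTH_KEYS = ("HTTP_AUTHORIZATION", "REDIRECT_HTTP_AUTHORIZATION")


def find_authorization(environ):
    """Return (key, value) for the first non-empty Authorization variable."""
    for key in AUTH_KEYS:
        value = environ.get(key, "").strip()
        if value:
            return key, value
    return None, None


def describe_authorization(environ):
    """Summarise the header for debugging without echoing the credential."""
    key, value = find_authorization(environ)
    if value is None:
        return "Authorization: absent"
    scheme, _, credential = value.partition(" ")
    size = len(credential.strip())
    return f"Authorization: {scheme} <{size} chars redacted> (from {key})"


class RestoreAuthorization:
    """WSGI middleware: copy a REDIRECT_-prefixed value to HTTP_AUTHORIZATION."""

    def __init__(self, app):
        self.app = app

    def __call__(self, environ, start_response):
        key, value = find_authorization(environ)
        if value is not None and key != "HTTP_AUTHORIZATION":
            environ["HTTP_AUTHORIZATION"] = value
        return self.app(environ, start_response)


def debug_app(environ, start_response):
    """Minimal WSGI app that returns the redacted summary as plain text."""
    body = describe_authorization(environ).encode("utf-8")
    start_response("200 OK", [("Content-Type", "text/plain; charset=utf-8"),
                              ("Content-Length", str(len(body)))])
    return [body]


# Entry point a .wsgi file would expose; wrap a Flask app the same way.
application = RestoreAuthorization(debug_app)
```
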
-
Solved it, guess it was a cache issue.
-
Note: This is specific to HelioHost.
There was a NameError in some code on line 87.
Line 87 of my code was: return MySQLdb.connect(**kwargs)
I modified it to: return mysql.connector.connect(**kwargs)
mysql.connector has been imported in the file. Hence, no NameError should show up. Yet, the error still shows up in the logs. In the wiki it is mentioned that it takes several hours to purge the cache. However, in my case, the log files show the updated code but still have the same error. For example:
    return mysql.connector.connect(**kwargs)
    NameError: 'MySQLdb' is not defined
What is happening here? Is it a caching issue, or something which I should do on my side?
(I can share the code if required)
-
Thank you so much @Krydos.
P.S.
10 hours ago, Krydos said:
Finally, if you need any other modules installed please reference https://johnny.kairion.eu.org/pyinfo/info3.10.py first and only request modules that aren't already installed. It saves me quite a bit of time to not have to check 15 different modules that are already installed.
Was not aware of this link. I had read the documentation, but this link wasn't mentioned anywhere. Had I known about it, I wouldn't have blindly pasted my requirements.txt file. It would be helpful if you could add this link to the docs (GitBook).
-
Username: advaithm
Server: Johnny
Main Domain: amsdc.helioho.st
---
I would like the following Python modules to be installed on the Johnny server. These modules are required to run one of my Flask projects, which I'm serving using the WSGI file.
The list is in the format of requirements.txt. Do pardon me if I have repeated modules which are already installed on the server.
    aniso8601==9.0.1
    click==8.1.3
    colorama==0.4.4
    Flask==2.1.2
    Flask-HTTPAuth==4.6.0
    Flask-Mail==0.9.1
    Flask-MySQLdb==1.0.1
    Flask-RESTful==0.3.9
    itsdangerous==2.1.2
    Jinja2==3.1.2
    MarkupSafe==2.1.1
    mysqlclient==2.1.1
    PyJWT==2.4.0
    python-dotenv==0.20.0
    pytz==2022.1
    six==1.16.0
    Werkzeug==2.1.2
    onetimepass==1.0.1
If it is not possible to install any of the packages, please do let me know and I'll try to find an alternative/manage without it.
[Solved] HTTP Authorization header not forwarding to WSGI app
in Escalated Requests
Oh okay 👍
Thanks once again for the prompt response