I am adding multiple custom headers in my HttpResponse and on the next request from the browser for the page, I want to read those custom headers and determine if I need to send a 304 response to the browser.
I added the custom headers using Response.AddHeader but on the next request from the browser, the custom headers were not sent.
The browser did recieve the custom headers in the response stream but did not send them on the subsequent request.
I'm expecting the headers since I need to read them on the first request and not on post requests.
NOTE: I don't want to use cookies since I don't want to increase payload. I don't want to use sessions since I don't want to burden the server. My aim to decrease processing in the server as much as possible. As I've mentioned in my comment, I read about ETags and I'm hoping the technique that's used in ETags could be used for custom headers.
There are other ways of of passing information between requests. See this discussion.
You can also use session variables.
Related
For example, ExceptionHandlerMiddleware Middleware code on Github
uses this as:
if (context.Response.HasStarted ||...)
I don't quite get it, how can the web server starts to send response to clients when the request still in the pipeline assuming the ExceptionHandlerMiddleware is the first middleware in the pipeline? Because the request hasn't got out of ExceptionHandlerMiddleware, so it hasn't arrived to the web server, then how could it be that the web server already starts to send responses to client in this scenario?
Any middleware or handler may choose to call WriteAsync (or other similar methods) on the HttpResponse, possibly multiple times.
It's not necessarily possible for all of those writes to just be stored in local buffers, and indeed may not be desirable to just buffer locally. So, sooner or later, those Write calls are going to result in real data being sent over the network.
And, in this concrete example, a handler may have made multiple calls such as the above before it encounters an error condition that causes control to be returned to the ExceptionHandlerMiddleware.
Your specific ExceptionHandlerMiddleware example uses Microsoft.AspNetCore.Http.HttpResponse.HasStarted:
Gets a value indicating whether response headers have been sent to the client.
https://learn.microsoft.com/en-US/dotnet/api/microsoft.aspnetcore.http.httpresponse.hasstarted?view=aspnetcore-5.0
There is also Microsoft.Net.Http.Server.Response.HasStarted:
Indicates if the response status, reason, and headers are prepared to send and can no longer be modified. This is caused by the first write or flush to the response body.
https://learn.microsoft.com/en-US/dotnet/api/microsoft.net.http.server.response.hasstarted?view=aspnetcore-1.1
Each response consis of two parts: Header and Body
These two being sent together to the client, first the headers than the body. So during development, the only opportunity to set any value on the response object that affects the headers is up to the point at which you start sending the body.
As long as you begin sending the body of the response you can no longer change the headers because they are sent as the first part of the response just before the body begins sending.
I have .net core project and add stackify prefix to monitor requests, but in response prefix show only headers but not body of response. It is possible to see all response body?
On prefix site I found information:
It can capture incoming post data, it can also capture the response and the response headers and part of the response body. Right now, we limit that to only be a certain amount of characters so if it’s returning something larger, it won’t capture all of it.
It is possible to change this?
There is not a way to change this at the moment if the response body is too large it will not show up in the traces.
Stackify has an Ideas portal that you can make suggested changes to, their COO gets notified when a new request has been made and when a request has been up voted by several clients. He takes each request into good consideration and arranges them into Stackify's road map. Also you can subscribe to the ideas to keep updated on its progress.
https://ideas.stackify.com
I've added a custom header X-XSRF-TOKEN and when a user logs out I want to be able to remove that header from future requests sent by the browser.
In the logout web api action I can modify the header like so:
Request.GetOwinContext().Response.Headers.Append("X-XSRF-TOKEN", "ModifiedToken");
On future requests it now sends requests with the X-XSRF-TOKEN with the value ModifiedToken. Is there a way I can remove it instead. With cookies you can expire them.
If I call the remove function on the Request or Response headers, on the next request to the server the header is still present:
Request.GetOwinContext().Response.Headers.Remove("X-XSRF-TOKEN");
or
Request.GetOwinContext().Request.Headers.Remove("X-XSRF-TOKEN");
Is it even possible to do this or even guarantee the browser will actually stop sending the header?
Try This.
Request.GetOwinContext().Response.Headers.Append("NULL", "ModifiedToken");
Note - I am not sure it will work or not. But you can try this one as well.
I have a GET API which returns an object of a particular class. I want to send additional information ( a number) without modifying the object in the response.
Following options came to my mind :
1) Using some header value and updating it and send the response(but I think that using headers would be a bad practice in this scenario).
2)Send a multipart response.
Thanks in advance!
If there is no way you can change the response and you need just simple data like numbers, it's OK to use HTTP headers in your response. You can see sample how to do paging using HTTP headers.
I have learned to use http request (create and Getresponse) methods to get the header and content of a link.
Problem is that, it is not the link that I want, that I get as http response.
There is an authentication page that comes instead. Only when I click the accept button, do I reach the page I want.
So the header and content that I actually get is of the authentication page.
Is there a way I can use this header and content to create ones more http request to get the page that I want?
I need to click the accept button in the background.
Thanks.
I'd recommend using Fiddler to capture the interaction with the site using a browser. You can then use the Fiddler output as a guide for replicating the same functionality using your code.
If the site is keeping track of whether or not each user has clicked the Accept button on a per-session basis you'll need to replicate that, probably with an HTTP POST. You'll be able to see how to construct that POST, if relevant, from the Fiddler output.