I was recently testing an HTTPS POST using the REQUESTHTTPX BASIC command. However, I noticed
when looking at the headers that were being received by my server they were all split up and I couldn’t get my
authentication header to go across properly.
Have you had any issues with this in the past? How should I set up my headers to post?
Hello, @anon5585!
The http request headers are passed as a string into REQUESTHTTPX as its third parameter. This allows you to pass multiple headers like:
ContentType=application/json&XRequest=test
There are some conditions to be aware of when passing headers into REQUESTHTTPX. Specifically that ampersand ‘&’, spaces, and = cause the REQUESTHTTPX header input string parser to end one header and begin the next one. For example:
ContentType=application/json&someHeader=my token
Will result in three separate header fields:
ContentType=application/json
someHeader=my
token
If any of your header names or values contain an ampersand, space, or =, these need to be URL escaped. REQUESTHTTPX, upon processing your header string, will unescape your header names and values so they are sent correctly in the http request.
An example of an SAS Token received from an Azure IOT Hub is below (please note: this token is no longer valid and cannot be used to access the specified hub):
=SharedAccessSignature sr=testflexyhub.azure-devices.net&sig=bHb4W27f8RYNpJqTvjvdfbPYawF1f%2FEOdHkZg0geEA0%3D&se=1535835967
If I paste this into a URL Encoder/Decoder like this one, and select “Encode” I will receive the below string:
%3DSharedAccessSignature%20sr%3Dtestflexyhub.azure-devices.net%26sig%3DbHb4W27f8RYNpJqTvjvdfbPYawF1f%252FEOdHkZg0geEA0%253D%26se%3D1535835967
As you can see, any special characters are encoded now. To use this in your REQUESTHTTPX script, you can do the following:
url$ = "https://your-url-to-post-to.com"
method$ = "POST"
token$ = "%3DSharedAccessSignature%20sr%3Dtestflexyhub.azure-devices.net%26sig%3DbHb4W27f8RYNpJqTvjvdfbPYawF1f%252FEOdHkZg0geEA0%253D%26se%3D1535835967"
header$ = "Authorization=" +token$ + "&Content-Type=application/json"
dataToSend$ = "your data to post here"
REQUESTHTTPX url$, method$, header$, dataToSend$
As you can see, we gave the SAS token its own variable, token$. We then concatenated this into the header$ variable to increase readability. You can add any additional headers to the header string as needed, but keep in mind if a field value contains any of the special characters previously mentioned, the parser will consider it a new field. You will need to encode any other headers as well.
You can test your POST requests by using a site like requestb.in. It is a free tool that allows you to see the data without worrying about decrypting the headers.
I hope this helps, and let us know if there are any other questions!
Best,
Ashley