llHTTPRequest Custom Header Bug

Creating scripts
Subzidion Nightfire
Posts: 6
Joined: Mon Jan 09, 2017 2:36 am
Has thanked: 0
Been thanked: 0

llHTTPRequest Custom Header Bug

Post by Subzidion Nightfire »

I'm making HTTP requests using Token Authentication. I want to use the Authorization Header, so I am using HTTP_CUSTOM_HEADER, like so:

Code: Select all

http_request_id = llHTTPRequest(url, [           
            HTTP_CUSTOM_HEADER, "Authorization", "Token AUTHORIZATION_TOKEN_HERE"
        ], "");
This code works and gives me a response from the API as I would expect, however I always get a script error relating to HTTP_CUSTOM_HEADER:

Code: Select all

[09:23] llHTTPRequest: Name is invalid as a custom header at parameter 1
Authoriztion should be considered a valid header (https://developer.mozilla.org/en-US/doc ... horization) and I don't believe I should be getting a script error here.
User avatar
Ilan Tochner
Posts: 6504
Joined: Sun Dec 23, 2012 8:44 am
Has thanked: 4943 times
Been thanked: 4455 times
Contact:

Re: llHTTPRequest Custom Header Bug

Post by Ilan Tochner »

Hi Subzidion,

This forums thread may prove insightful: viewtopic.php?f=11&t=3290
Subzidion Nightfire
Posts: 6
Joined: Mon Jan 09, 2017 2:36 am
Has thanked: 0
Been thanked: 0

Re: llHTTPRequest Custom Header Bug

Post by Subzidion Nightfire »

Ilan Tochner wrote:Hi Subzidion,

This forums thread may prove insightful: viewtopic.php?f=11&t=3290

After reading through the thread, that seems more an issue of disallowing HTTP requests and filtering requests to prims. Mine is a request to an external server. The HTTP requests I'm making give me exactly what I want/expect. With the HTTP_CUSTOM_HEADER I get a response with data; without it, I get that I am unauthorized. Yet it still gives a script error saying that "Authorization" is an invalid Header name.
User avatar
Ilan Tochner
Posts: 6504
Joined: Sun Dec 23, 2012 8:44 am
Has thanked: 4943 times
Been thanked: 4455 times
Contact:

Re: llHTTPRequest Custom Header Bug

Post by Ilan Tochner »

Please read http://wiki.secondlife.com/wiki/LlHTTPRequest and note their comments about the use of HTTP_CUSTOM_HEADER.
Subzidion Nightfire
Posts: 6
Joined: Mon Jan 09, 2017 2:36 am
Has thanked: 0
Been thanked: 0

Re: llHTTPRequest Custom Header Bug

Post by Subzidion Nightfire »

Ilan Tochner wrote:Please read http://wiki.secondlife.com/wiki/LlHTTPRequest and note their comments about the use of HTTP_CUSTOM_HEADER.
I thought this might be an issue, however the script runs on SL with no script errors. The Header is being passed in the request when I give it, which means that even if LSL thought it should be blocked, it isn't. I'm not sure how llHTTPRequest determines if a Header has a valid name, but it seems to think that "Authorization" is not a valid name, and yet still puts it in the request and receives a successful response.
User avatar
Ilan Tochner
Posts: 6504
Joined: Sun Dec 23, 2012 8:44 am
Has thanked: 4943 times
Been thanked: 4455 times
Contact:

Re: llHTTPRequest Custom Header Bug

Post by Ilan Tochner »

While OpenSim's developers aimed to mimic Second Life server behavior, I think this may be a case where they implemented what the Second Life wiki stated it should work like and not how Second Life actually implemented it.
Subzidion Nightfire
Posts: 6
Joined: Mon Jan 09, 2017 2:36 am
Has thanked: 0
Been thanked: 0

Re: llHTTPRequest Custom Header Bug

Post by Subzidion Nightfire »

Ilan Tochner wrote:While OpenSim's developers aimed to mimic Second Life server behavior, I think this may be a case where they implemented what the Second Life wiki stated it should work like and not how Second Life actually implemented it.
But this isn't the case, because OpenSim doesn't actually block me from using the Authorization header (How I believe it should be) and it tells me that the Header is invalid. The function is working fine, it's displaying an error when it isn't actually encountering one.

The request should either not complete or an error should not be displayed.
User avatar
Ilan Tochner
Posts: 6504
Joined: Sun Dec 23, 2012 8:44 am
Has thanked: 4943 times
Been thanked: 4455 times
Contact:

Re: llHTTPRequest Custom Header Bug

Post by Ilan Tochner »

Use HTTP_MIMETYPE to set the Content-Type header. Attempts to use HTTP_CUSTOM_HEADER to set it will cause a runtime script error.
Hints that there are limitations with using HTTP_CUSTOM_HEADER with this function. They may extend to your usage as well.
Subzidion Nightfire
Posts: 6
Joined: Mon Jan 09, 2017 2:36 am
Has thanked: 0
Been thanked: 0

Re: llHTTPRequest Custom Header Bug

Post by Subzidion Nightfire »

Ilan Tochner wrote:
Use HTTP_MIMETYPE to set the Content-Type header. Attempts to use HTTP_CUSTOM_HEADER to set it will cause a runtime script error.
Hints that there are limitations with using HTTP_CUSTOM_HEADER with this function. They may extend to your usage as well.

Taking your example, in SL, using HTTP_CUSTOM_HEADER, "Content-Type", "application/json" does yield a runtime script error. Then it does not complete the request. When I run the script in Kitely, it yields a runtime script error, but then delivers a C# Error message as the body of the response (!). I believe this is because of how C# implements their WebRequest class hiding some Headers (Like Content-Type) behind an API. Kitely should simply log a Runtime Script Error and not receive any HTTP response like SL does for those protected headers. Limiting HTTP_CUSTOM_HEADER seems to me to be a workaround for C#'s protection of those Headers.

Understanding this limitation, the header I am having issue with, Authorization, which does not seem to be one of the protected headers, as it is available as an HTTP_CUSTOM_HEADER on SL, which would lead me to believe it should be available as an HTTP_CUSTOM_HEADER in Kitely.
User avatar
Ilan Tochner
Posts: 6504
Joined: Sun Dec 23, 2012 8:44 am
Has thanked: 4943 times
Been thanked: 4455 times
Contact:

Re: llHTTPRequest Custom Header Bug

Post by Ilan Tochner »

As stated, OpenSim is a different server architecture from the software Linden Lab developed for their servers and there are quite a few things that differ between these two systems. That said, if using this function does work on another OpenSim grid running OpenSim 0.8.2.1 post fixes then I'd be happy to know about that.
Post Reply