Wrong Header names in webhook based trigger
the-csaba opened this issue · comments
Bug Description
Same headers are renamed inside the bundle.rawRequest.headers
, have an unexpected Http-
prefix, which makes using it hard.
Also contrary to the documentation the bundle.cleanedRequest
only contains the content, no header or method access.
Example headers
{
'Http-Host': 'hooks.zapier.com',
'Http-X-Request-Id': '26433038c459bbb396e829c60757bab1',
'Http-X-Real-Ip': ';redacted;',
'Http-X-Forwarded-For': ';redacted;',
'Http-X-Forwarded-Host': 'hooks.zapier.com',
'Http-X-Forwarded-Port': '443',
'Http-X-Forwarded-Proto': 'https',
'Http-X-Scheme': 'https',
'Http-X-Original-Forwarded-For': '35.189.17.248',
'Content-Length': '2972',
'Http-Accept': '*/*',
'Http-Accept-Encoding': 'deflate, gzip',
'Content-Type': 'application/json',
'Http-Referer': 'https://hooks.zapier.com/hooks/standard/4208012/bfea20d2a2c1451bbccd9a5dcfb3388d/',
'Http-User-Agent': 'WooCommerce/4.7.0 Hookshot (WordPress/5.5.3)',
'Http-X-Wc-Webhook-Delivery-Id': '2bc1695b2762fe98193866742c246b9b',
'Http-X-Wc-Webhook-Event': 'updated',
'Http-X-Wc-Webhook-Id': '2622',
'Http-X-Wc-Webhook-Resource': 'order',
'Http-X-Wc-Webhook-Signature': 'E8QTnfh3/VrBQMQQfE71fbtWI8nQZG47WPwN2bUygT8=',
'Http-X-Wc-Webhook-Source': ':redacted:',
'Http-X-Wc-Webhook-Topic': 'order.updated',
'Http-X-Wordpress-Gmt-Offset': '8'
}
Reproduction Steps
- Setup a wenhook based trigger for example WooCommerce
- send data to the trigger
- inspect the
bundle
Version Info
- CLI version: 10.1.1
- Node.js version: v12.19.0
- OS info: darwin-x64
zapier-platform-core
dependency: 10.1.1
@om4csaba I think, confusingly, this is working as intended.
Those http-
prefixes are added by django, our webserver. There's docs about that here.
Now, you shouldn't need to know anything about our backend to use the raw headers in your app, so we'll look into making this a little more consistent across different trigger and action types. At the very least, we could document it better.
Please consider adding get()
method to the bundle.rawRequest.headers
similarly as the response.headers
See #178 (comment)
For further information, maybe because the HTTP headers are case insensitive by the standard, the Incoming headers unexpectedly mixing the character case.
In our integration, we are sending X-WordPress-GMT-Offset
and receiving Http-X-Wordpress-Gmt-Offset
. This only important because array keys case sensitive in JavaScript.
Battled with this today.
Ended up writing a little util to normalise the headers, so you can use the correct header names. Nothing fancy, (wont work if your headers do start with http-
) - but might come in handy for someone...
function getHeaders(bundle:Bundle) {
const headers = bundle.rawRequest?.headers || {};
const normalisedHeaders:Record<string, string> = {};
Object.keys(headers).forEach(key=> {
let normalisedKey = key.toLowerCase();
const prefix = 'http-';
if(normalisedKey.startsWith(prefix)) {
normalisedKey = normalisedKey.slice(prefix.length);
}
normalisedHeaders[normalisedKey] = headers[key];
});
return normalisedHeaders;
}
function performSomething(z:ZObject, bundle:Bundle):void {
const headers = getHeaders(bundle);
const nonce = headers['x-webhook-signature-nonce'];
// do more stuff....
}