CODEWITHSUNDEEP
asp.net-web-api2flutter
boeledi
boeledi

Reputation: 7567

Flutter: (ASP.NET) Web API : Invalid Header Field Name

I am new to Flutter and I am trying to call my ASP.NET server web API.

From the logs on my server, everything goes fine but Android Studio throws an exception: "invalid header field name".

Here is the code in dart:

import 'package:http/http.dart' as http;
...

_getService()  async {
  String result;
  try {
    var url = 'http://192.168.1.14:34263/api/Mobile/test/1';
    Future<http.Response> response = http.get( url );
    result = response.toString();
  } catch(exception){
    result = exception.toString();
    debugPrint(result);
  }
...
}

Here is the response header (obtained via Chrome):

Access-Control-Allow-Headers:accept, authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: WWW-Authenticate
Cache-Control: no-cache
Content-Encoding: deflate
Content-Length:79
Content-Type: application/xml; charset=utf-8
Date: Thu, 08 Mar 2018 01:01:25 GMT
Expires:-1
Pragma:no-cache

Server:MyTestServer
X-Content-Type-Options:NOSNIFF
X-Permitted-Cross-Domain-Policies:master-only
X-SourceFiles:=?UTF-8?BDpcTXlJbmNyZWRpYmxlRHJlc3NpbmdcTXlJbmNyZWRpYmxlRHJlc3NpbmdcTXlJbmNyZWRpYmxlRHJlc3NpbmdcYXBpXE1vYmlsZVxjb3Vjb3VcMQ==?=
X-XSS-Protection:1;mode=block

Here is the answer which is returned:

<string xmlns="http://schemas.microsoft.com/2003/10/Serialization/">test</string>

Can anyone tell me what am I doing wrong?

Many thanks

Upvotes: 0

Views: 2673

Answers (2)

winqoo
winqoo

Reputation: 961

I had similar problem and after some heavy debugging

I removed these headers from nginx:

#add_header X−Content−Type−Options nosniff;

#add_header X−Frame−Options SAMEORIGIN;

#add_header X−XSS−Protection 1;

and it works fine. So most likely it's backend - header related issue

Upvotes: 0

boeledi
boeledi

Reputation: 7567

Ok, I finally found out, by debugging the code.

In fact, my server added a series of field names in the response's header (via the Web.config) and the last character of one of these field names was a space. As a result, the http_parser.dart threw an exception since spaces are no authorized characters in header field name.

Nothing was detected by Chrome (or any browser) nor by Postman.

Upvotes: 1

Related Questions