Reputation: 27
They said they can send headers in order here: http://docs.python-requests.org/en/master/user/advanced/#header-ordering
But for some unknown reason requests never sends headers in order.
Example code:
headers01 = OrderedDict([("Connection", "close"), ("Upgrade-Insecure-Requests", "1"), ("User-Agent", "SomeAgent"), ("Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8"), ("Accept-Encoding", "gzip, deflate"), ("Accept-Language", "Some Language")])
Result:
Connection: close
Accept-Encoding: gzip, deflate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; InfoPath.2)
Accept-Language: en-US,en;q=0.5
Upgrade-Insecure-Requests: 1
My request is already sent by sessions and it also not working if it's not sent by session.
Upvotes: 1
Views: 1421
Reputation: 6468
If you read the documentation page you linked, it does indicate the limitation of default headers and the workaround...
Running this code:
import requests
from collections import OrderedDict
headers = OrderedDict([("Connection", "close"), ("Upgrade-Insecure-Requests", "1"), ("User-Agent", "SomeAgent"), ("Accept", "text/html,application/xhtml+xml,applic
ation/xml;q=0.9,image/webp,image/apng,/;q=0.8"), ("Accept-Encoding", "gzip, deflate"), ("Accept-Language", "Some Language")])
s = requests.Session()
s.headers = headers
r = s.get(http://localhost:6000/foo)
Sends:
GET /foo HTTP/1.1\r\nHost: localhost:6000\r\nConnection: close\r\nUpgrade-Insecure-Requests: 1\r\nUser-Agent: SomeAgent\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8\r\nAccept-Encoding:
gzip, deflate\r\nAccept-Language: Some Language\r\n\r\n
Upvotes: 3
Reputation: 31389
You are in fact wrong: header order does not matter, not according to the standards anyway https://www.rfc-editor.org/rfc/rfc2616
The point you are trying to make (i.e. why it does matter) is that browsers can (somewhat unreliably) be identified by fingerprinting based on the header order they happen to use. This is fine, but it is by no means a reason for a Python library to implement specific ordering.
That you're disappointed you won't be able to use this library to impersonate some browser or to get accurately finger-printed by this type of software is too bad, but it hardly justified the tone of the question.
The best suggestion here would be to find an alternative http request library that does allow specific header ordering and guarantees maintaining the order you provide.
Upvotes: 0