Reputation: 1
Different response headers for 302 response in Postman and Node.js axios
I am making a POST request from Node.js backend to an external website (mirror.codeforces.com). In both Postman and Node.js axios response, I receive status code 302 (I have set maxRedirects = 0), but the response headers are significantly different. There is only one redirect, and I need to obtain the 'set-cookie' header from the redirect response.
Here is the postman response header (taken from Postman console):
Server: kittenx
Date: Wed, 04 Dec 2024 09:42:21 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 0
Connection: keep-alive
Cache-Control: private,no-cache,no-store,max-age=0,must-revalidate
Expires: -1
Pragma: no-cache
Set-Cookie: X-User-Sha1=63425e0090d62898166c5c9b81df08c303901c5a; Max-Age=31536000; Expires=Thu, 04-Dec-2025 09:42:21 GMT; Path=/
Set-Cookie: X-User=6bda2511d1276d70f78a12c28e42ba5fbc25832f53e1abe635d83f3b21edd64d6896ee63fb14fdf7; Max-Age=2592000; Expires=Fri, 03-Jan-2025 09:42:21 GMT; Path=/
Location: https://mirror.codeforces.com/
Strict-Transport-Security: max-age=86400
X-XSS-Protection: 1; mode=block
X-Frame-Options: sameorigin
X-Content-Type-Options: nosniff
X-Frontend: front932212
X-Trace-Id: y-03olMfFrxCP1aH8EDH80OcdPtU2g
Server-Timing: tid;desc="y-03olMfFrxCP1aH8EDH80OcdPtU2g",front;dur=0.596
Here is the Node.js response header (logged to terminal using res.headers):
Object [AxiosHeaders] {
server: 'kittenx',
date: 'Wed, 04 Dec 2024 10:17:35 GMT',
'content-length': '0',
connection: 'close',
location: '/',
'strict-transport-security': 'max-age=86400',
'x-xss-protection': '1; mode=block',
'x-frame-options': 'sameorigin',
'x-content-type-options': 'nosniff',
'x-frontend': 'front932210',
'x-trace-id': 'RGgdGL7Uq1IT4hKwR88b1pomn6HsBA',
'server-timing': 'tid;desc="RGgdGL7Uq1IT4hKwR88b1pomn6HsBA",front;dur=0.131'
}
Here is Node.js code + cookieString and Postman code for the post request, for reference.
The cookies are visible in, and are being set in Postman and browser, these are the properties of cookies as seen on browser. I am expecting X-User-Sha1 and X-User to be found in response headers.
PS: I am unable to confirm if the POST request was successful. It is possible that even unsuccessful requests are redirected with 302, in that case what could be the reason that Postman requests are successful while Node.js requests aren't? They both have identical Headers, and cookies (as seen in above picture links).
PPS: In Postman (automatic redirects off), making POST request, then deleting the X-User-Sha1 and X-User cookies, and then making a GET request to home page of the site WORKS.
Upvotes: 0
Views: 29
Answers (1)
Reputation: 1
Key Observations:
- The main difference is that Postman's response includes the
Set-Cookieheaders while axios's response doesn't. - The
Locationheader values are different (full URL vs just '/') - Both show
302status codes but might be handling the redirect differently
Below is he axios configuration --
const axios = require('axios');
async function makeRequest() {
try {
const response = await axios({
method: 'POST',
url: 'https://mirror.codeforces.com',
// Your POST data here
maxRedirects: 0,
validateStatus: function (status) {
return status >= 200 && status <= 302; // Accept 302 as valid status
},
headers: {
'Accept': '*/*',
'User-Agent': 'Mozilla/5.0', // Match Postman's User-Agent
'Content-Type': 'application/json',
},
withCredentials: true, // Important for cookie handling
decompress: true, // Handle compression if present
});
console.log('Status:', response.status);
console.log('Headers:', response.headers);
// Extract cookies from headers
const cookies = response.headers['set-cookie'];
if (cookies) {
console.log('Cookies:', cookies);
}
return response;
} catch (error) {
if (error.response) {
console.error('Response error:', {
status: error.response.status,
headers: error.response.headers,
data: error.response.data
});
}
throw error;
}
}
The key differences and solutions are:
- Cookie Handling:
-- Add withCredentials: true to enable proper cookie handling
Use the axios-cookiejar-support package if you need persistent cookie
handling:
{ wrapper } = require('axios-cookiejar-support');
const { CookieJar } = require('tough-cookie');
const jar = new CookieJar();
const client = wrapper(axios.create({ jar }));
- Headers:
-- Make sure your headers match Postman's exactly, especially the User-Agent.
-- Some servers respond differently based on the User-Agent
- Redirect Handling:
-- Set maxRedirects: 0 to prevent automatic following of redirects
Use validateStatus to accept 302 as a valid status code
- Response Processing:
-- Check both response.headers['set-cookie'] and response.headers['Set-Cookie'] (case sensitivity).
-- Some servers might only send cookies on specific conditions (like successful authentication)
If you're still not getting the cookies, you can try:
- Compare the exact request being sent:
Add this to see the exact request configuration
axios.interceptors.request.use(request => {
console.log('Request:', JSON.stringify(request, null, 2));
return request;
});
Use a debugging proxy like Charles or Fiddler to compare the raw HTTP traffic between Postman and axios.
Check if the server is responding differently based on:
-- IP address
-- Request timing
-- Previous requests/session state
-- SSL/TLS version or cipher suites
Hope this helps.
Upvotes: 0
Related Questions
- How do I pass command line arguments to a Node.js program and receive them?
- How do you prevent install of "devDependencies" NPM modules for Node.js (package.json)?
- How can I update Node.js and npm to their latest versions?
- How do I completely uninstall Node.js, and reinstall from beginning (Mac OS X)
- What is Node.js' Connect, Express and "middleware"?
- Does Axios support Set-Cookie? Is it possible to authenticate through Axios HTTP request?
- What is the purpose of Node.js module.exports and how do you use it?
- Passing headers with axios POST request
- How to replicate post request as seen in Chrome Inspect?