Send a Referer header when making POST requests to Launchpad
Bug #540212 reported by
Leonard Richardson
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Apport |
Expired
|
Undecided
|
Unassigned |
Bug Description
Bug 538097 was caused by a Launchpad change to reject incoming POST requests that lack a Referer header. The fix is an apport-specific hack in Launchpad (bug 539156 tracks the hack). We'd like you to start sending a Referer header when POSTing to /+blobstore, and in any other POSTs you make to the Launchpad web site (as opposed to the web service). Any reasonable value for the Referer header is fine; in similar situations, I've used the Launchpad website's root URL.
If you can get this fix into Lucid, we'll be able to get rid of the apport-specific hack in a year; otherwise we'll be keeping it until 2015.
summary: |
- Send a Referer header when making requests to Launchpad + Send a Referer header when making POST requests to Launchpad |
To post a comment you must log in.
Sorry that I only saw this just now. What would be an example value for the "Referrer" header field? Is there any syntax/convention there?
The upload happens like
opener = urllib2. build_opener( HTTPSProgressHa ndler, multipartpost_ handler. MultipartPostHa ndler) /%s/+storeblob' % hostname info(). get('X- Launchpad- Blob-Token' )
url = 'https:/
result = opener.open(url,
{ 'FORM_SUBMIT': '1', 'field.blob': blob })
ticket = result.
right now. Do you happen to know how to add a header field in between there? (If not, don't worry, I'll do some RTFM)