S
S
SVAY2020-10-02 11:30:50
JavaScript
SVAY, 2020-10-02 11:30:50

Why is axios sending wrong headers, in random mode?

I use nuxt, with its @nuxtjs/axios module.
I make a user request to my API in the nuxtServerInit action, and it fails, and sometimes not, it works in random mode, sometimes the error disappears after a couple of restarts of the server dev. Started logging all requests on the API side. Here's what happened, this is an unsuccessful request, it's worth paying attention that there are 2 cookie headers, what's wrong with them, I naturally don't understand.

[2020-10-02 10:35:10] local.INFO: app.requests {"request":{"Illuminate\\Http\\Request":"GET /api/auth/user HTTP/1.1
Accept:                    application/json, text/plain, */*
Accept-Encoding:           gzip, deflate
Accept-Language:           ru-RU,ru;q=0.9,en-US;q=0.8,en;q=0.7
Cache-Control:             max-age=0
Connection:                keep-alive
Cookie:                    XSRF-TOKEN=eyJpdiI6IkxWNWZsSjloSHp1a1FQQm9BQzdVT0E9PSIsInZhbHVlIjoia0xmUFA2ZFd6OEZSZmRkWmc3emNMcWtHbVVvNExyZVpBdHo0STZwRERLVllJNDNzbXBySit4aGY0UktZT09KU2J3Rm8wT1lpazZscVVuOGhjSzF5RGxDT3ptYTFyOHpDdWowZXV1TzlGeTJtU0tjK0xxcGxBbEROTUxyRTE4QU4iLCJtYWMiOiIwODZjZWFjZDYwMWNkMzJjMzk2MWQ5NTIwYmMyYWIzMDM1MzBhOGUwMWMwODU1YjgyNDZkNTYzZjE1NTY3NjhkIn0%3D; 3it_space_session=eyJpdiI6Ik4wRVJUVnhpV3JyYVV1SWVJUVEwWHc9PSIsInZhbHVlIjoiSnMwSm8wNFR2ZnpQUGc1Z2YwcmpIMUxBUE55akU0OGsxNy9DQTRkb1pnTHRsVlpVcUU0ZWRvck9la3dYa1lKVFZKQXpEK2xvWklKam1oUHVQMWlaeGxZSFlKdS9Ud2RUTE1hVGxEbHZuRElaZzJjMGZQR014cmtOMTY4MzUyMTciLCJtYWMiOiI0ZjcyNzFlN2Y0MmZkNzliMzA2OThmOGVkNWU4N2NlYmRkNWIyZTc5MjQwZDI2Nzg0Mzk3ZjU1OThmZmNjMzkzIn0%3D
Dnt:                       1
Host:                      s.3it.space
If-None-Match:             \"fb4a-etF7zXcP2Ixp11iVDMQY4qAaUWc\"
Upgrade-Insecure-Requests: 1
User-Agent:                Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36
Cookie: XSRF-TOKEN=eyJpdiI6IkxWNWZsSjloSHp1a1FQQm9BQzdVT0E9PSIsInZhbHVlIjoia0xmUFA2ZFd6OEZSZmRkWmc3emNMcWtHbVVvNExyZVpBdHo0STZwRERLVllJNDNzbXBySit4aGY0UktZT09KU2J3Rm8wT1lpazZscVVuOGhjSzF5RGxDT3ptYTFyOHpDdWowZXV1TzlGeTJtU0tjK0xxcGxBbEROTUxyRTE4QU4iLCJtYWMiOiIwODZjZWFjZDYwMWNkMzJjMzk2MWQ5NTIwYmMyYWIzMDM1MzBhOGUwMWMwODU1YjgyNDZkNTYzZjE1NTY3NjhkIn0=; 3it_space_session=eyJpdiI6Ik4wRVJUVnhpV3JyYVV1SWVJUVEwWHc9PSIsInZhbHVlIjoiSnMwSm8wNFR2ZnpQUGc1Z2YwcmpIMUxBUE55akU0OGsxNy9DQTRkb1pnTHRsVlpVcUU0ZWRvck9la3dYa1lKVFZKQXpEK2xvWklKam1oUHVQMWlaeGxZSFlKdS9Ud2RUTE1hVGxEbHZuRElaZzJjMGZQR014cmtOMTY4MzUyMTciLCJtYWMiOiI0ZjcyNzFlN2Y0MmZkNzliMzA2OThmOGVkNWU4N2NlYmRkNWIyZTc5MjQwZDI2Nzg0Mzk3ZjU1OThmZmNjMzkzIn0=

"},"response":{"Illuminate\\Http\\JsonResponse":"HTTP/1.1 401 Unauthorized
Cache-Control: no-cache, private
Content-Type:  application/json
Date:          Fri, 02 Oct 2020 07:35:10 GMT

{\"message\":\"Unauthenticated.\"}"}}

And this is a successful request, here in the second Cookie header they have a much shorter meaning, I don’t know what it is and how it is formed. The value of the cookie did not change between a failed and a successful request.
[2020-10-02 11:05:05] local.INFO: app.requests {"request":{"Illuminate\\Http\\Request":"GET /api/auth/user HTTP/1.1
Accept:                    application/json, text/plain, */*
Accept-Encoding:           gzip, deflate
Accept-Language:           ru-RU,ru;q=0.9,en-US;q=0.8,en;q=0.7
Cache-Control:             max-age=0
Connection:                keep-alive
Cookie:                    XSRF-TOKEN=eyJpdiI6InVOTmJjWThFRHNxaWs3SFpGN1lJakE9PSIsInZhbHVlIjoiYjROb2E0UkV0TDdKTkxKL24xK3UzSzJYZTdzSVFNOGVJbUlya3A4NEtUcVFZajM4djNpTjVMcVpuK1NaOTVoTENiYVoxTmJ4bklHOGw3MHBpRXNiRFB4UDk4S2NRejNEaU50Mkw0b3JoMFR3QjV2ZDVKMGRQQVRCSXMwVkxTbTAiLCJtYWMiOiI0MzdkZmYyNzgzZTY3OTJjZDllMzhmMDAzOWQ5ZGQ0NzIxMGYzZmIxYTM1ZGU2M2ZmMjE3OTFiY2VmNmEzNWNiIn0%3D; 3it_space_session=eyJpdiI6IkExbnd0aUZHREQ1dVduVmlCTi9mRmc9PSIsInZhbHVlIjoiTThKNXBWVlFDMUhkWXVvRDRzWnR0SHBXUDdwZTh4d3NkL0FhUVRYL1o4Y2lNbXhBWndzUTVrZitLc0owSS9zWHdPMUFxV2FMS0ZDVmRQdkVMUTl3Y3pEaEVEVU1jREtyR3pyci9uQzR6VjN3UTE2WVBjNlZvMGxyaVZtZVJ5MVQiLCJtYWMiOiJkYTFiMDcxYTJlMTExMTJiOTIyN2NmM2UxM2FmNzM0NGQ5NDQxZmQzNTYwNDNkM2FkNWI4MDQxNDk3ZWFkMjgyIn0%3D
Dnt:                       1
Host:                      s.3it.space
If-None-Match:             \"faa8-YNL2mGrzJ1IMTWSuxJlu65phQ2k\"
Referer:                   http://3it.space:3000/content/pub
Upgrade-Insecure-Requests: 1
User-Agent:                Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36
Cookie: XSRF-TOKEN=GEIv6UERB6eqd0mK4eL3jeLm9GXTAcFac8uFw3Sk; 3it_space_session=U14bxeo2jQbL4r3Upt0fYxal50p0P3IoXNIujNm9

"},"response":{"Illuminate\\Http\\JsonResponse":"HTTP/1.1 200 OK
Cache-Control:         no-cache, private
Content-Type:          application/json
Date:                  Fri, 02 Oct 2020 08:05:05 GMT
Set-Cookie:            XSRF-TOKEN=eyJpdiI6IjlsR3NIbTdQUm1IeThKbDdNcVJnTnc9PSIsInZhbHVlIjoiMFVlbTQ5LzZvTWhHaGVLZFRuL2lLeDRmTG0ycitFMTU0bTlqOVg1ODlrSU05dmNiN0tpa0NpeU9lZDBHRE12RU1RMUtjWlpXRERoYkZhdDI4MTQ4Ri8vOUVJYWpIWHVwL2Zicm9nNUhxSk9oKzhPcUw5TmdaYkw3ak9RY1pDY1kiLCJtYWMiOiIyMjFmZjNjN2Q2NGMxMGQwNzI2YjI4NjEwMGM3ZGU2NjAzYjVjM2Q1YmUzNzU5OGE3Y2U1YzU3YWFhNTE5NzYyIn0%3D; expires=Fri, 09-Oct-2020 08:05:05 GMT; Max-Age=604800; path=/; domain=.3it.space; samesite=lax
Set-Cookie:            3it_space_session=eyJpdiI6IjFLOVduaUg3by9sMnpZSFdFMStJQUE9PSIsInZhbHVlIjoidzhwTG9NQ21CWm5IZ21mRWErUnBVTThSdzJSeThoWXdFWkMyZVlnWHkxZVk5RVRZWjVmL3pDbTBVZjJvbHdhazkyOUxQc1lSNm5tOFZjSXdUQUhPTVpLYVB2SjJyZEpHNlNyU0Rxd0NlclRuQ0F0R1BQblRnb1Q4Zkl1ZlNkQ1IiLCJtYWMiOiI5ZTMyZjc1MGQ1Y2I0MmZmNzVlMmIyNzRkZmYxYzE4OGY2Y2U4YzA4MTAxMDlkZTczN2IwNzcxMzljM2ZlYTk5In0%3D; expires=Fri, 09-Oct-2020 08:05:05 GMT; Max-Age=604800; path=/; domain=.3it.space; httponly; samesite=lax
X-Ratelimit-Limit:     60
X-Ratelimit-Remaining: 59

{\"id\":1,\"login\":\"nebylitsky\",\"email\":\"[email protected]\",\"avatar\":\"http:\\/\\/s.3it.space\\/images\\/defaultAvatar.png\",\"name\":\"\\u041b\\u0443\\u043a\\u0430\",\"surname\":\"\\u041d\\u0435\\u0431\\u044b\\u043b\\u0438\\u0446\\u043a\\u0438\\u0439\",\"speciality\":\"Frontend developer\",\"location\":\"\\u041a\\u0443\\u0437\\u0438\\u0431\\u0438\\u043b\\u0438\\u0441\",\"birthday\":null,\"email_verified_at\":null,\"created_at\":\"2020-09-11T12:43:43.000000Z\",\"updated_at\":\"2020-10-01T12:20:45.000000Z\"}"}}

UPD: The request fails due to the lack of a referer header that is needed for authorization, I wrote it in the axios config so that it sends it with every request, but it still does it every other time.

Answer the question

In order to leave comments, you need to log in

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question