Why doesn't the remote server response contain the x-csrf token on nodejs after the fetch request?

Question

Why doesn't the remote server response contain the x-csrf token on nodejs after the fetch request?

I am using nodejs and a request plugin ( https://github.com/request/request ) to create a proxy. Routing works fine, but one of the servers that my proxy is supposed to forward to requires CSRF tokens. The problem is that fetch requests are being sent, but the server response does not contain the x-csrf token. It looks like the query plugin is "unwinding" this field. I mean, this is not an empty answer, no. The header doesn't even contain a field.

I need to use a query plugin for reasons. So switching the plugin doesn't help. Any ideas on what might be causing this problem?

UPDATE (example code)

app.use(sIncoming, function (req, res, next) {
options = {
    'url': sDestination + req.url,
    'ca': cas,
    'jar': true,// enable cookies,
    'strictSSL': true,
    'headers': {
        accept: '*/*'
    }
};
request(options, function (err, response, body) {
    if (err) onsole.error(err);
    else {
         if (typeof req.headers['x-csrf-token'] === "string") {
                console.log("#1 " + (typeof req.headers['x-csrf-token'])); // string
                console.log("#2 " + (req.headers['x-csrf-token'])); // fetch
                console.log("#3 " + (typeof response.headers['x-csrf-token'])); //undefined

    }
}).pipe(res);

+3

node.js proxy csrf csrf-protection request

keinabel Jul 27. 15 at 14:25

source to share

1 answer

keinabel · Accepted Answer · 2015-11-18T14:00:23+0000

   req.pipe(request(options, function (err, response, body) {
        if (err) {
            return console.error('upload failed:', err);
        }
   }), {end: (req.method === "GET" ? true : false)}).pipe(res);

did this

Why doesn't the remote server response contain the x-csrf token on nodejs after the fetch request?

More articles: