question

Upvotes
Accepted
1 0 1 1

Ajax sending "Date" in header is unsafe (refused) why do you use it?

In World Check One Api, the Postman example must send "Date" as Header parameter.


That is forbidden.

https://fetch.spec.whatwg.org/#forbidden-header-name


a) Why would this company choose to implement it this way?

b) How to cope with this problem?


1669713150757.png


#technology#productworldcheck-one-api
1669713150757.png (83.7 KiB)
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
Accepted
546 4 0 2

Hi @sp02.


Thank you for your patience. Some of the fields are not allowed to be set by the user in AJAX i.e. forbidden headers. These are automatically set by the browser or other corresponding user agent. Please try sending the request without Date header and get back to me in case it doesn't work out. Thanks.

Regards,

Ssneha Balasubramanian.

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
546 4 0 2

Hi @sp02.


We send the date in the postman header to ensure the authenticity of the message. I have made a note of your request to send Date header in AJAX and will get back to you with a solution. Thank you.


Regards,

Ssneha Balasubramanian.

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.