Skip to content

Instantly share code, notes, and snippets.

@fallwith
Created January 28, 2011 20:41
Show Gist options
  • Save fallwith/800906 to your computer and use it in GitHub Desktop.
Save fallwith/800906 to your computer and use it in GitHub Desktop.
Rails controller code to dump raw HTTP headers from a request
logger.warn "*** BEGIN RAW REQUEST HEADERS ***"
self.request.env.each do |header|
logger.warn "HEADER KEY: #{header[0]}"
logger.warn "HEADER VAL: #{header[1]}"
end
logger.warn "*** END RAW REQUEST HEADERS ***"
@neilsy
Copy link

neilsy commented Apr 2, 2018

Log all request header keys (even if they don't start with "HTTP_", but no internal rails env stuff, in rails 5.1.4:

request.env.to_hash.select{ |key,val| ! key.starts_with?("rack") && ! key.starts_with?("action_")}

Integrating with a remote server with poorly documented auth, I needed to be able to see what the auth header was, and couldn't assume anything about the name. But I wanted to avoid logging anything about the internal state of the Rails instance to plain-text logs - in case there's anything secure in the rails env. This gets request headers (regardless of their naming convention) but no internal stuff, in rails 5.1.4.

@dklotz
Copy link

dklotz commented May 16, 2018

@neilsy The HTTP_ prefix gets added for all request headers by rails / rack AFAIK, it does not come from the actual client request.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment