I was working with makeRequest and Shindig PHP, and noticed that the http request headers I sent using gadgets.io.RequestParameters.HEADERS were being dropped. (My test: I pointed makeRequest at a quick and dirty script that returns the entire contents of $_SERVER and $_REQUEST in a JSON object. No headers were returned, plus Firebug and Fiddler reveal that, at least in the Post from browser-to-server, the 'headers' parameter is indeed being sent.)
At first, I thought I had found a clean explanation - I was sending an Authorization header, and I had read that certain OpenSocial containers restrict the Authorization header (and some other headers as well) for security reasons. Fair enough. So I created my very own X-header. (X-Mikey: foo) But X-Mikey didn't seem to fly either. This got me curious, so I fired up a debugger and stepped through the makeRequest process. Here is what I discovered so far. Once the modules load, the $headers variable does seem to make it into Shindig. It even goes so far as to explode it into an array. But once that occurs I didn't see anything after that except $headers = false. So far I found reference to $headers in: + src/common/sample/BasicRemoteContentFetcher.php - home of curl, also home to the $disallowedHeaders array which does include a number of headers, but Authorization was not there. + src/gadgets/SigningFetcher.php - here I saw a function called sanitize() that seems to exclude the headers from the OAuth signature calculation, but I was unsure if sanitize() removes the headers from the request altogether + src/common/RemoteContentRequest.php + src/gadgets/MakeRequestHandler.php I think if I stepped through it in the debugger a couple more times I'd be able to see more clearly and perhaps put my finger on where the disconnect is. (That or come to the realization that the disconnect is me!) Since the code is already familar territory to many here I thought I'd ask: Are the missing request headers a known issue? (Should I keep digging?) Does Shindig not support makeRequest's gadgets.io.RequestParameters.HEADERS ? Thanks in advance, Michael
