dio
dio copied to clipboard
cfug
Requests with CancelToken return 403 if host requires valid User-Agent
New Issue Checklist
- [x] I have searched for similar issues in the project and found the following:
- #939
- #1166
- #1167
But they are all closed and lack relevant information.
Issue Info
| Info | Value | |
|---|---|---|
| Platform Name | Flutter | |
| Platform Version | 3.0.1 | |
| Dio Version | 4.0.6 | |
| Android Studio / Xcode Version | Android Studio 2020.3 | |
| Repro rate | all the time (100%) | |
| Repro with our demo prj | - | |
| Demo project link | - |
Issue Description and Steps
Every request made with a CancelToken to specific hosts that require a valid User-Agent, return a 403 forbidden response. If you use a baseUrl of a host that requires a valid User-Agent and do the following request:
Future<void> testRequest(
String url,
String path,
CancelToken cancelToken,
) async {
final dio = Dio(BaseOptions(baseUrl: url));
final response = await dio.get<Map<String, dynamic>>(
path,
cancelToken: cancelToken,
);
}
You would get a 403 forbidden, but if you remove the CancelToken, the request would be successful.
It is my understanding that this only happens due to a change made in 516825fb8392e5a8aaaef3cbba6f7cb8d075a620 https://github.com/flutterchina/dio/blob/516825fb8392e5a8aaaef3cbba6f7cb8d075a620/dio/lib/src/adapters/io_adapter.dart#L104
For now I'm just forcing a non-null User-Agent on my request headers, but I still consider this an issue because Dio only enforces a null User-Agent when the request has a CancelToken.
If the line of code that I linked above is really required, I would suggest to always force a null User-Agent (with or without CancelToken) or alert the users through the package documentation.
Thank you!
