fix: remove invalid Accept: "odkcentral" header (triggers ModSec 920600) (#348)

spwoodcock · web-flow · commit 174509781c56 · 2025-03-05T00:27:30.000Z
diff --git a/osm_fieldwork/OdkCentral.py b/osm_fieldwork/OdkCentral.py
@@ -188,8 +188,6 @@ def authenticate(
             self.user = user
         if not self.passwd:
             self.passwd = passwd
-        # Enable persistent connection, create a cookie for this session
-        self.session.headers.update({"accept": "odkcentral"})
 
         # Get a session token
         try:
@@ -798,7 +796,7 @@ def getSubmissions(
         # log.debug(f'Getting submissions for {projectId}, Form {xform}')
         result = self.session.get(
             url,
-            headers=dict({"Content-Type": "application/json", "accept": "odkcentral"}, **self.session.headers),
+            headers=dict({"Content-Type": "application/json"}, **self.session.headers),
             verify=self.verify,
         )
         if result.status_code == 200:
diff --git a/osm_fieldwork/OdkCentralAsync.py b/osm_fieldwork/OdkCentralAsync.py
@@ -87,7 +87,6 @@ async def __aenter__(self):
         # Header enables persistent connection, creates a cookie for this session
         self.session = aiohttp.ClientSession(
             raise_for_status=True,
-            headers={"accept": "odkcentral"},
         )
         await self.authenticate()
         return self

Original file line number	Diff line number	Diff line change
`@@ -87,7 +87,6 @@ async def __aenter__(self):`
`87`	`87`	`# Header enables persistent connection, creates a cookie for this session`
`88`	`88`	`self.session = aiohttp.ClientSession(`
`89`	`89`	`raise_for_status=True,`
`90`		`- headers={"accept": "odkcentral"},`
`91`	`90`	`)`
`92`	`91`	`await self.authenticate()`
`93`	`92`	`return self`