request.rel_url didn't return fragment (by the server-aiohttp)

[GaborYaxa]

Long story short

in the aiohttp-server should exist request.real_url like in client
in the request (request.rel_url) received by the server, the fragment is gone

Expected behaviour

session.get('http://localhost:8080/authorize#access_token=xxx&expires_in=21600&user_id=xxx')
async def route_fragment(request):
    # should return "/authorize#access_token=xxx&expires_in=21600&user_id=xxx"
    return web.Response(text=f'{request.rel_url}')  

request.rel_url == "/authorize#access_token=xxx&expires_in=21600&user_id=xxx"

Actual behaviour

request.rel_url == "/authorize"

Steps to reproduce

Server code:

import asyncio
from aiohttp import web


async def route_fragment(request):
    return web.Response(text=f'{request.rel_url}')  # rel_url didn't return fragment


async def start_server():
    web.run_app(app)
    pass

app = web.Application()
app.add_routes([web.get('/authorize', route_fragment)])
web.run_app(app)

client code:

import asyncio
import aiohttp

url = '/authorize#access_token=xxx&expires_in=21600&user_id=xxx'


async def send_request():
    async with aiohttp.ClientSession() as session:
        async with session.get(f'http://localhost:8080{url}') as resp:  # send request with fragment
            print(await resp.text(), url, resp.real_url)
            assert(await resp.text() == url, 'fragment has gone')

loop = asyncio.get_event_loop()
loop.run_until_complete(send_request())
loop.close()

Your environment

server
aiohttp==3.4.4
python 3.7

[aio-libs-bot]

GitMate.io thinks the contributor most likely able to help you is @asvetlov.

Possibly related issues are #2920 (AIOHttp failing after some requests), #206 (SSL issue with aiohttp.request), #127 (verify_ssl for aiohttp.request), #3274 (1K Request can't be finished in a simultaneous way in aiohttp), and #1541 (Aiohttp.web server timeout on long requests.).

[asvetlov]

The fragment is for client-side only.
Browser doesn't send it to an HTTP server.
There is no sense in processing it on the server side.
IIRC aiohttp doesn't strip a fragment on a server (but does it on a client to mimic a browser).

[misalcedo]

Hello,
I also ran into this problem.
The docs clearly state that the fragment should be present. But I cannot get the fragment to show up at all.

I am using python 3.7 with aiohttp 3.5.1
My use case is that Google's OAuth sends the id_token to the server as URL-encoded parameters in the fragment part of the URL. However, in my view handler, neither self.request.url.fragment nor self.request.rel_url.fragment give me the fragment so I can extract the id_token.

I am not reading the fragment to return it to the a client. But I need it to verify the client is who they say they are.

See https://aiohttp.readthedocs.io/en/stable/web_reference.html#aiohttp.web.BaseRequest.rel_url for the docs that state fragment should be present in self.request.rel_url

[lock]

This thread has been automatically locked since there has not been
any recent activity after it was closed. Please open a new issue for
related bugs.

If you feel like there's important points made in this discussion,
please include those exceprts into that new issue.