Temporary Headers

Is there a way to turn off sending of “Temporary Headers”? I don’t want to pollute requests sent to our server.

Any help appreciated.

Chris

2 Likes

Hi @chrisheb,

Welcome to Postman! Unfortunately, there is no way to turn off “Temporary Headers” since adding headers is required for the request to go through otherwise you will have to provide it manually. This is the same as browsers / other clients do.

That’s unfortunate. Temporary headers made my work with postman very uncomfortable:

  1. I do requests in postman, but after all I need to generate cURL;
  2. I click [Code] and get сURL/HTTP/what-ever-code with unnecessary headers, which I have manually delete.

I’d like to have an option do not have temporary headers in code snippets:

I think it should auto generate them by default but allow us to remove/edit them. There are cases where we need to change then and it won’t let us. My example is this https://stackoverflow.com/questions/28093586/send-file-with-postman-to-laravel-api?rq=1 The accepted answer is to remove the content type header but it won’t let me.

3 Likes

Completely agree with @emmanvazzbs. It’s nice to have these parameters to have auto populated, but there should be a way to disable, delete these.

4 Likes

I too need a way to disable the inclusion of “temporary headers” in the cUrls Postman generates. My APIs are all more machine to machine than browser to machine in any event. These temporary headers are really overreach.

2 Likes

+100500 to @jaykhimani.
I’d like to compose a test suite where several users do actions (APIKEY, POST logins, GETs, user cookies). If there are temp.headers it’s so easy to call a request with an inpropriate cookie and forget to add API KEY especially during test case design. I don’t want to always keep in mind the temp.headers state while doing test design.

1 Like

Yeah that’s why I said not remove it completely, but allow user to decide whether he/she wants those temporary headers for specific test or not. User should have the flexibility on whether suh headers should be added or not.

1 Like

by the way it’s just really annoying to get test user #1 logged off before test user #2 can use correct value of API-key provided at his request headers. I guess this is a bug.

@asha.singh These temporary headers are breaking previously working requests by adding an expired authentication header used in previous requests. Will there be an update to disable them altogether or at least remove specific headers?

1 Like

Hey @prov-ShawnChambless,

That’s interesting that you’re seeing that happening - Would you be able to expand on this more and share some additional information and examples of what you’re seeing please?

Hey Danny,

I’m actually not sure where the cookie header is coming from since it’s never set on this registration endpoint. Every time I’ve tried to use it since updating Postman to v7.1.1, the cookie header gets added with an expired authentication token, causing the endpoint returns a 401 response.

I am testing a server which caches the request based on the similarity of the requests. Since POSTman now sends a unique key with every request, the server never caches the requests, so I am unable to check the functionality. I forced to use the curl command in my terminal.

It will be nice if users can select headers manually.

1 Like

Hi @arunans you can disable the addition of no-cache and Postman Token header from the settings

These two settings have been part of Postman prior to version v7.1.1. If these two settings are turned on then postman has always been sending the headers but was not visible to the users.

With the addition of a section of Temporary Headers we wanted to show the users exactly what headers are being sent. The new section in no way has changed the behaviour of Postman.

There are four kinds of headers that are shown in the Temporary Headers Section

  1. System Headers - These headers must be sent for the HTTP request to work eg. Host, User-Agent, Accept, Connection
  2. Auth Injected Header - These headers are added by postman if you selected a specific auth mechanism to be used
  3. Configurable Headers - no-cache and Postman-Token for which the settings have been provided
  4. Cookie Headers - Which you can manage in this section

I would like iterate again on my point that Postman has always been sending these headers but was not visible to the users. With the addition of this new section we wanted to show the users every details of the request not shown before.

@prov-ShawnChambless I hope this helps and you are able to fix your issue with cookies. You might just have to go to the cookie manager and clear old cookies.

Thanks.

3 Likes

Thanks. This is helpful. :slight_smile:

@saswatds I understand that the temporary headers have always been there but just not visible to the end user. Having the option to hide these headers again is what we’re looking for, so that the code snippets are not filled with headers that have to be curtailed. I’d like to only see the headers that have been explicitly defined within the call itself.

@DoYouEvenCurl Absolutely. The options to not include temporary headers during code-generation should be available. It would be really helpful if you can file this particular request on github. I will help us track and prioritise adding the option to code-gen.

@DoYouEvenCurl I have gone ahead an created a feature request on your behalf

Would be great if you can give a :+1: on it.

Thanks

2 Likes

@saswatds That is excellent, thank you for putting that request in. I went ahead and :+1: that feature request. Do you know if this feature will make it into the next build?

@DoYouEvenCurl I am not really sure at this very moment but I shall keep this thread posted as soon as I have any updated.