I guess I'll move this to the top because none of what's been said so far addresses my question. There are some response headers in Postman that I don't get in Dart. I need to access those values in order for my application to work. How do I get access to the Headers that are in Postman but Dart doesn't seem to have?

I'm using the Dart/Flutter http package in general it does everything I need it to. What I've run into trouble recently is that it doesn't return some non-standard headers as part of a post request. For example, I'm trying to make the following request:

POST https://fhir.epic.com/interconnect-fhir-oauth/api/FHIR/R4/Patient?_format=json&_pretty=false
Headers: {"Content-Type": "application/fhir+json", "Authorization": "Bearer $BearerToken"}
Body: {"resourceType":"Patient","identifier":[{"type":{"coding":[{"system":"http://hl7.org/fhir/sid/us-ssn","code":"SB"}]
},"system":"urn:oid:2.16.840.1.113883.4.1","value":"444114567"}],"name":[{"use":"usual","text":"Derrick
Lin","family":"Lin","given":["Derrick"]}],"gender":"male","birthDate":"1973-06-03"}

Note, this request succeeds. It returns a Status Code of 201 and I've checked the server and the Patient is successfully created. However, the Response headers are:

{
  "cache-control": "no-cache,no-store", 
  "content-length": 0, 
  "content-type": "application/fhir+json; charset=utf-8", 
  "expires": -1, 
  "pragma": "no-cache"
}

Now, I've tried stopping this request right before posting so I ensure I have all of the correct parameters. And if I copy the same values into Postman, I still recieve a Status of 201, but I receive these as the Response Headers:

{
  "Expires": -1, 
  "Location": "Patient/eoc0yXThvv5aQEdz-kjaSWQ3",
  "Allow-Control-Allow-Headers": "origin, authorization, accept, content-type, x-requested-with, Epic-User-ID, Epic-User-IDType, Epic-Client-ID, soapaction, Epic-MyChartUser-ID, Epic-MyChartUser-IDType",
  "Allow-Control-Allow-Methods": "GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS",
  "Allow-Control-Allow-Origin": "*",
  "Allow-Control-Allow-Credentials": true,
  "cache-control": "no-cache,no-store", 
  "content-length": 0, 
  "content-type": "application/fhir+json; charset=utf-8", 
  "pragma": "no-cache"
}

I need access to these extra headers in dart, specifically the "Location" header. To answer one of the questions below, as far as the code for creating the request, the first is going through the some Oauth2 Code to get the Bearer token. After that, it's calling a POST method on a class that Extends http.Client.

  @override
  Future<http.Response> post(Uri url,
          {Map<String, String>? headers,
          Object? body,
          Encoding? encoding}) async =>
      await http.post(
        url,
        headers: await newHeaders(headers),
        body: body,
        encoding: encoding,
      );

  @override
  Future<Map<String, String>> newHeaders(Map<String, String>? headers) async {
    headers ??= <String, String>{};
    if (client?.credentials.accessToken != null) {
      headers['Authorization'] = 'Bearer ${client!.credentials.accessToken}';
    }
    headers.addAll(authHeaders ?? <String, String>{});
    return headers;
  }

And again, the request succeeds, it successfully posts the resource, the resource is created, and I get a 201 status code showing it was created. What I don't get is the full set of response headers.

Does anyone have any idea if I'm creating the request incorrectly, if this is something wrong with the http package, or something wrong with the Dart SDK?


Solution 1: user18309290

There are CORS headers for allowing cross domain access to a web browser:

  "Allow-Control-Allow-Headers": "origin, authorization, accept, content-type, x-requested-with, Epic-User-ID, Epic-User-IDType, Epic-Client-ID, soapaction, Epic-MyChartUser-ID, Epic-MyChartUser-IDType",
  "Allow-Control-Allow-Methods": "GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS",
  "Allow-Control-Allow-Origin": "*",
  "Allow-Control-Allow-Credentials": true,

This is related to redirecting a web browser to a new location after creating a resource.

  "Location": "Patient/eoc0yXThvv5aQEdz-kjaSWQ3",