Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OAS: Authorization header is always converted to lowercase #203

Open
LukasZech opened this issue Mar 16, 2023 · 0 comments
Open

OAS: Authorization header is always converted to lowercase #203

LukasZech opened this issue Mar 16, 2023 · 0 comments
Assignees
@derevnjuk
Labels
Type: enhancement New feature or request.

Comments

@LukasZech
Copy link

The function SecurityScheme.createAuthorizationHeader always converts the header key of the authorization schema to lowercase

har-sdk/packages/oas/src/converter/security/schemas/SecuritySchema.ts

Lines 37 to 40 in baae5b4

return this.createKeyValuePair(
httpAuthSchema.toLowerCase(),
`${prefix}${prefix ? ' ' : ''}${value}`
);

Although header keys are to be treaded as case-insensitive according to RFC2616 many server implementations will still compare header keys in a case sensitive way, especially with authorization headers

Even in official documents like RFC6750 the Authorization header is written in uppercase.

As there is no real need for this library to enforce HTTP headers beeing lowercase, I would propose to remove the conversation and simply take the header key as it is stored in the schema
@derevnjuk derevnjuk self-assigned this Jun 13, 2023
@derevnjuk derevnjuk added the Type: enhancement New feature or request. label Jun 13, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@derevnjuk derevnjuk

Labels
Type: enhancement New feature or request.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@derevnjuk @LukasZech