Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bug: HTTP logger should avoid add an empty Authorization header if conf.auth_header is not set #7431

Closed
tokers opened this issue Jul 11, 2022 · 0 comments · Fixed by #7444
Closed

bug: HTTP logger should avoid add an empty Authorization header if conf.auth_header is not set #7431

tokers opened this issue Jul 11, 2022 · 0 comments · Fixed by #7444
Labels
bug Something isn't working

Comments

@tokers
Copy link
Contributor

tokers commented Jul 11, 2022

Current Behavior

Currently, whether we configure conf.auth_header or not, APISIX HTTP logger will add the authorization header.

image

Log server will reject such requests since they violate the HTTP syntax.

image

Expected Behavior

Avoid adding this header if conf.auth_header is empty.

Error Logs

No response

Steps to Reproduce

Environment

  • APISIX version (run apisix version): latest
  • Operating system (run uname -a):
  • OpenResty / Nginx version (run openresty -V or nginx -V):
  • etcd version, if relevant (run curl http://127.0.0.1:9090/v1/server_info):
  • APISIX Dashboard version, if relevant:
  • Plugin runner version, for issues related to plugin runners:
  • LuaRocks version, for installation issues (run luarocks --version):
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix(http-logger): avoid empty Authorization header by default spacewander/incubator-apisix
1 participant
@tokers