Empty Authorization header is always added to the request

Created on 7 December 2022, almost 2 years ago
Updated 13 February 2024, 9 months ago

Problem/Motivation

We tried to use this fetcher in one feed type for both usecases (with and without authorization headed needed). The issue is the default config for "Authorization Header Token" field is empty string https://git.drupalcode.org/project/feeds_http_auth_fetcher/-/blob/1.0.x/... . Then later in "get" method there is condition "if token !== null" and this is always true because of the default config. This means there is always empty Authorization header in the requests. Based on our testing this can cause the issues for feed url that already contains basic auth credentials (for example "https://username:password@something.com/feed") as the response is "401 Unauthorized" and also for feeds with normal URL without credentials as response in some cases is "400 Bad Request".

Steps to reproduce

Use fetcher from this module with url that contains basic auth credentials or for some feed providers also without credentials

Proposed resolution

Would be good to change the condition and add header only in case there is something in the field and not in the case of empty field.

Remaining tasks

User interface changes

API changes

Data model changes

🐛 Bug report
Status

Fixed

Version

1.0

Component

Code

Created by

🇸🇰Slovakia phrabovcin

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

Production build 0.71.5 2024