link0 / bunq

API client in PHP for bunq
MIT License

Empty X-Bunq-Client-Authentication headers result in HTTP 403 forbidden errors #36

Open holtkamp opened 6 years ago

holtkamp commented 6 years ago

Currently an 'empty' X-Bunq-Client-Authentication header is used in some initial requests (like POST Installation), which results in an HTTP 403 forbidden error since 27-03-2018.

https://github.com/link0/bunq/blob/c48f3d15b5a54219fb2234b53a0ef58118cff3ac/src/Middleware/RequestIdMiddleware.php#L37-L39

It should only be set when required:

        if (\is_string($this->sessionToken) && $this->sessionToken !== '' && !isset($headers['X-Bunq-Client-Authentication'])) {
            $headers['X-Bunq-Client-Authentication'] = $this->sessionToken;
        }

Would a PR be accepted? Or is none of the maintainers monitoring this?