reqable / reqable-app

Reqable issue track repo
https://reqable.com
3.2k stars 109 forks source link

API testing: illegal response header [bug] #613

Closed Arcticlyc closed 5 months ago

Arcticlyc commented 5 months ago

When I edit a captured HTTPS request and send it as an API test, I cannot get the response, and "illegal response header" is displayed. After enabling follow debugging, I found that the response can be viewed in the debug section. I am not sure whether this is a bug.

The request in the debug panel is:
GET path
Host: host
Connection: keep-alive
Reqable-Id: reqable-id-318752b4-cd1a-42b4-990c-c2394903546d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7
Accept-Encoding: gzip, deflate, br, zstd
sec-ch-ua: "Chromium";v="124", "Google Chrome";v="124", "Not-A.Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Upgrade-Insecure-Requests: 1
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Referer: referer
Accept-Language: zh-CN,zh;q=0.9,en;q=0.8
Cookie: cookie

The response in the debug panel is:
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 06:45:12 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-disposition: attachment;filename="**"
Content-Security-Policy: upgrade-insecure-requests
Strict-Transport-Security: max-age=63072000; includeSubDomains

MegatronKing commented 5 months ago

Could you share a screenshot? What is the illegal response header?

Arcticlyc commented 5 months ago

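Could you share a screenshot? What is the illegal response header?

During API testing, the place where the response should be displayed shows nothing at all, only "illegal response header". The raw response after enabling follow debugging is the one I posted above.

As shown in the screenshot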

MegatronKing commented 5 months ago

The response headers probably contain non-ASCII characters. In the next version I will remove the validity check on response headers.

MegatronKing commented 5 months ago

@Arcticlyc 2.14.0 has removed the illegal response header check.
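
An added example, not Reqable's code and not part of the thread: a lenient response-head parser for an inspection tool that keeps header values containing non-ASCII bytes (the cause suggested above) and warns about them, while still dropping values with bytes that affect message framing. The function name `parse_response_head`, the sample response and its filename are constructed for illustration.

```python
import re

# RFC 9110 "token": the only characters allowed in a field name.
TOKEN = re.compile(rb"[!#$%&'*+\-.^_`|~0-9A-Za-z]+")

def parse_response_head(raw: bytes):
    """Return (status_line, headers, warnings) for a raw HTTP/1.1 response.

    RFC 9110 permits bytes 0x80-0xFF in field values (obs-text) but calls
    CR, LF and NUL invalid and dangerous. So non-ASCII values are kept with
    a warning, and only framing-relevant bytes or bad names drop a line.
    """
    head = raw.split(b"\r\n\r\n", 1)[0]
    lines = head.split(b"\r\n")
    status = lines[0].decode("latin-1")
    headers, warnings = [], []
    for line in lines[1:]:
        name, sep, value = line.partition(b":")
        if not sep or not TOKEN.fullmatch(name):
            warnings.append(f"malformed field line dropped: {line!r}")
            continue
        field = name.decode("ascii")
        value = value.strip(b" \t")
        if any(c in value for c in (b"\r", b"\n", b"\x00")):
            warnings.append(f"{field}: CR/LF/NUL in value, dropped")
            continue
        if any(b > 0x7E or (b < 0x20 and b != 0x09) for b in value):
            warnings.append(f"{field}: non-ASCII or control bytes in value")
        try:
            text = value.decode("utf-8")      # common for raw filenames
        except UnicodeDecodeError:
            text = value.decode("latin-1")    # never fails, keeps every byte
        headers.append((field, text))
    return status, headers, warnings

# Constructed sample modelled on the response in the report; the filename
# is invented, the thread shows it only as "**".
SAMPLE = (
    b"HTTP/1.1 200 OK\r\n"
    b"Server: nginx\r\n"
    b"Content-Type: text/html;charset=utf-8\r\n"
    b'Content-disposition: attachment;filename="' + "报告.html".encode("utf-8") + b'"\r\n'
    b"Transfer-Encoding: chunked\r\n"
    b"\r\n"
)

if __name__ == "__main__":
    status, headers, warnings = parse_response_head(SAMPLE)
    print(status, headers, warnings, sep="\n")
```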