search

requestly / requestly-desktop-app

Requestly Desktop App (Mac, Linux, Windows)
https://requestly.io/
GNU Affero General Public License v3.0
45 stars 10 forks source link

Authorization header is not passed with Redirect Request or Replace String #71

Open totoberg123 opened 5 months ago

totoberg123 commented 5 months ago

Prerequisites

Expected Behavior

When I am creating a 'Redirect Request' or 'Replace String' HTTP Rule in the Desktop App it should forward/redirect to the changed endpoint URL. All original header keys and values should be passed.

Current Behavior

All original header keys and values are being passed, except the 'Authorization' header. The 'Authorization' header vanished.

Steps to Reproduce

  1. Open the Requestly Desktop-app.
  2. Create Redirect Rule (or a Replace String rule) to forward the request to another endpoint (staging api for example)
  3. Use any http request with an 'Authorization' header.
  4. The 'Authorization' header has vanished.

Possible Solution (Not obligatory)

This was also an issue on the Chrome plugin: https://github.com/requestly/requestly/issues/1208

I noticed that this (https://github.com/requestly/requestly/issues/1208#issuecomment-1801505984) workaround fixed my issue as well for the Desktop Application !

Context

I tested this by sending requests to an PHP file with the following code to see all headers: $headers = getallheaders(); var_dump($headers);

  1. 'Replay request' with the Authorization header: You can see the Authorization header vanished
example_1

  1. 'Replay request' with the Authorization header + Authorization2 header: You can see the Authorization header vanished, but the Authorization2 header did not.

    example-2

  2. 'Replay request' with the Authorization header and this (https://github.com/requestly/requestly/issues/1208#issuecomment-1801505984) workaround applied:

    example-3

Your Environment

sagarsoni7 commented 5 months ago

Thanks so much @totoberg123 for reporting this issue. Great that you discovered the workaround. We'll have a deep dive into this issue soon.

sagarsoni7 commented 5 months ago

Also, thanks for mentioning the whole context, env, repro steps & all the details. Most of the users miss it and issue stales

totoberg123 commented 5 months ago

@sagarsoni7

If you need more information or test results let me know! Im happy to help.

This workaround is not an ideal situation for me sadly. Since the Bearer token changes every hour I have to edit my HTTP Rule manually every 1 hour..

Since the issue is also known (and fixed!) for the Chrome exentension, I hope a fix can come soon to the Desktop App :)