simioni87 / auth_analyzer

Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.
MIT License

Built-in Anonymous #3

Closed aress31 closed 3 years ago

aress31 commented 3 years ago

For ease-of-use sake, could you please consider implementing an anonymous session feature, where the extension would be checking for unauthenticated requests?

Alternatively, how could this be achieved with Authorization Bearer?

Thanks, Alex

simioni87 commented 3 years ago

Hi Alex, you are already able to test unauthenticated requests. Just create an anonymous session and overwrite the header of your choice with a non-authenticated value, e.g. Cookie: anygarbage; Authorization: moregarbage;

Depending on the application you have to choose an existing value. E.g. an unauthenticated cookie value.

A code-based implementation would basically do the same stuff.

Best regards

aress31 commented 3 years ago

A better option - IMHO - would be to totally remove the Authorization header from the request as it is application specific how they handle incorrect headers.

simioni87 commented 3 years ago

Okay, this is a good point. I could implement a feature called "remove header". Many apps that I have tested require a valid cookie value even in the unauthenticated context. For this reason I think it would be best to implement just an additional feature for removing a specified header and keep the rest as it is. Thanks

simioni87 commented 3 years ago

Hi aress31, the remove header option is implemented in the latest version (1.1.3). Have fun :)

claconsay commented 3 years ago

Hi simioni87

The remove header feature is cool, I also use it in some cases. The only problem I'm facing right now is that when I select the Remove Header(r), all of the headers I put on the text field will be gone and I won't be able to replace the value of other headers. I hope you can also introduce a feature where there is a field for headers to be replaced, and another field for headers to be removed.

Say, for example, I have the following headers on the original request:

X-Token: originaltoken
X-UserId: originaluserid

What I want is to remove the header X-Token, and to replace the value of X-UserId so that the new request will be now:

X-UserId: modifieduserid

I'm not sure though if there's a way to do that on the app as of the moment.

Thanks,

simioni87 commented 3 years ago

Hey claconsay,

Good idea, thanks for your input! I'll implement this with the next release.

Thanks and best regards Simon

simioni87 commented 3 years ago

Hi there

Removing header(s) is now possible with a separate text field.

Header(s) to remove and Header(s) to replace can be defined at the same time.

Have fun and best regards
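The remove/replace session transformation described in this thread (drop X-Token, rewrite X-UserId, leave everything else untouched), as an added, self-contained example; it is not code from auth_analyzer, and the function names and the sample request are constructed for illustration.

```python
# Added example: rewrites a captured HTTP/1.1 request the way an Auth Analyzer
# session with "Header(s) to remove" and "Header(s) to replace" rules would,
# so the repeated request can be compared against the original response.
# Not part of auth_analyzer; request text and function names are constructed.
from typing import Dict, Iterable

# Constructed sample request with the headers used in the thread.
ORIGINAL_REQUEST = (
    "GET /api/profile HTTP/1.1\r\n"
    "Host: example.invalid\r\n"
    "X-Token: originaltoken\r\n"
    "X-UserId: originaluserid\r\n"
    "Cookie: session=abc123\r\n"
    "\r\n"
)


def apply_session_rules(raw_request: str, remove: Iterable[str],
                        replace: Dict[str, str]) -> str:
    """Return raw_request with `remove` headers dropped and `replace`
    header values overwritten. Header names match case-insensitively,
    as HTTP requires; the request line and body are left untouched.
    Assumption: headers listed in `replace` but absent from the request
    are not added (only existing values are rewritten)."""
    head, sep, body = raw_request.partition("\r\n\r\n")
    lines = head.split("\r\n")
    request_line, header_lines = lines[0], lines[1:]
    remove_lc = {h.strip().lower() for h in remove}
    replace_lc = {k.strip().lower(): v for k, v in replace.items()}
    kept = []
    for line in header_lines:
        name, _, _ = line.partition(":")
        key = name.strip().lower()
        if key in remove_lc:
            continue                      # remove rule wins over replace
        if key in replace_lc:
            kept.append(f"{name.strip()}: {replace_lc[key]}")
            continue
        kept.append(line)
    return "\r\n".join([request_line, *kept]) + sep + body


def header_names(raw_request: str) -> list:
    """Lower-cased header names present in a raw request (for comparison)."""
    head = raw_request.partition("\r\n\r\n")[0]
    return [ln.partition(":")[0].strip().lower() for ln in head.split("\r\n")[1:]]


if __name__ == "__main__":
    print(apply_session_rules(ORIGINAL_REQUEST, ["X-Token"],
                              {"X-UserId": "modifieduserid"}))
```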

claconsay commented 3 years ago

Sweet! Thank you so much simioni87!