Parse authorization header #3279
Codecov Report
Attention: Patch coverage is
❌ Your patch status has failed because the patch coverage (18.18%) is below the target coverage (90.00%). You can increase the patch coverage or adjust the target coverage.
Additional details and impacted files
@@ Coverage Diff @@
## master #3279 +/- ##
============================================
- Coverage 79.23% 73.23% -6.01%
Complexity 2969 2969
============================================
Files 119 146 +27
Lines 11685 16145 +4460
Branches 0 1114 +1114
============================================
+ Hits 9259 11823 +2564
- Misses 2426 3743 +1317
- Partials 0 579 +579
... and 32 files with indirect coverage changes
Benchmarks [ appsec ]
Benchmark execution time: 2025-06-26 12:13:13
Comparing candidate commit 6c31010 in PR branch
Found 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 0 unstable metrics.
ff8a41e to 0bbf0a0
The scanner test only requires the header schema, not the header itself as a tag. This needs to be passed to libddwaf as part of the server.request.headers.no_cookies address.
We should certainly not be sending this in the trace.
ec06df7 to d2e7536
LGTM, although I'd add a bit more in the description, as this only covers the digest authorization scheme but not others such as basic or bearer.
32bf10a to e8671b6
e8671b6 to 69aada0
Description
Parse authorization header
Reviewer checklist