Make Authorization header field case insensitive

4 posts in this topic Last Reply

Recommended Posts

Currently, emhttp is checking for an "Authorization" header.


I guess it's something like:


if (header == "Authorization") ...


Could you make it case-insensitive ?


if (lowercase(header) == "authorization") ...


The http standard says header fields should be case-insensitive


4.2 Message Headers

   HTTP header fields, which include general-header (section 4.5),
   request-header (section 5.3), response-header (section 6.2), and
   entity-header (section 7.1) fields, follow the same generic format as
   that given in Section 3.1 of RFC 822 [9]. Each header field consists
   of a name followed by a colon (":") and the field value. Field names
   are case-insensitive. 


Just wondering if you'd be open to such a change.

Link to post
  • 3 years later...

Apologies for reviving this thread, I remembered I had asked for this before.


I'm trying to implement support for 6.8.x in the ControlR app and I'm using axios (a javascript http client library) now to connect to the server.


axios lower-cases request headers and I'm getting rejected by Unraid when sending an 'authorization: ...'.


Before axios, I was using an ad-hoc library that is a burden to maintain, but it didn't lower-case headers, so when I sent 'Authorization: ...' it worked.


Maybe this change fell through the cracks at some point in time :)


Let me know if that's actually the case and if you can get it in for 6.8.x.

Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.