Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix error when authorization header is nil #729

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Fix error when authorization header is nil #729

wants to merge 1 commit into from

Conversation

koszta
Copy link

@koszta koszta commented Apr 19, 2024

Fix error with Bandit when a client sends an empty Authorization header.

** (FunctionClauseError) no function clause matching in String.trim/1
    (elixir 1.16.2) lib/string.ex:1293: String.trim(nil)
    (guardian 2.3.2) lib/guardian/plug/verify_header.ex:167: Guardian.Plug.VerifyHeader.fetch_token_from_header/3
    (guardian 2.3.2) lib/guardian/plug/verify_header.ex:88: Guardian.Plug.VerifyHeader.call/2
    (api 0.0.1) ApiWeb.Router.guardian/2
    (api 0.0.1) lib/api_web/router.ex:1: ApiWeb.Router.__pipe_through0__/1
    (phoenix 1.7.12) lib/phoenix/router.ex:475: Phoenix.Router.__call__/5
    (api 0.0.1) deps/plug/lib/plug/error_handler.ex:80: ApiWeb.Router.call/2
    (api 0.0.1) lib/api_web/endpoint.ex:1: ApiWeb.Endpoint.plug_builder_call/2
Last message: {:continue, :start_stream}

@koszta koszta requested a review from a team as a code owner April 19, 2024 09:27
paulswartz
paulswartz reviewed Apr 19, 2024
View reviewed changes
Copy link

@paulswartz paulswartz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This seems like a bug in Bandit? The type of req_headers says the value should always be a binary().

yordis
yordis requested changes May 17, 2024
View reviewed changes
Copy link
Member

@yordis yordis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@koszta do you mind confirming that this is an expected behavior and it is not a bug in Bandit or something else?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@paulswartz paulswartz paulswartz left review comments

@yordis yordis yordis requested changes

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@koszta @paulswartz @yordis