You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@apisix.apache.org by GitBox <gi...@apache.org> on 2020/10/22 07:54:15 UTC

[GitHub] [apisix] gxthrj commented on issue #2490: discuss: In the request of the `hmac-auth` plugin, remove the request header related to the plugin

gxthrj commented on issue #2490:
URL: https://github.com/apache/apisix/issues/2490#issuecomment-714305379


   > > I think after parsing `Authorization`, we can get the value of `access-key` and add ʻaccess-key`to the http request header. Then`Authorization` can be removed.
   > 
   > Or we do not support the way of putting the signature information together in the Authorization field.
   > I didn't find any benefits for this.
   > 
   > 1. Hidden the header organization order.
   > 2. There is no corresponding header name definition.
   > 3. `access-key` as the user flag should not be hidden in `Authorization`.
   
   I create a new issue #2496 to discuss.


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org