Why we remove HttpHeaderNames.AUTHORIZATION in case use Proxy?

Th_nh_Lam · June 12, 2020, 9:38am

Hi Guys,

I was trying to use a proxy for my scenario.

I have an application A behind a proxy B. The application A requires Bearer Authorization.

My set up for testing:

`

private val httpConfig = http.disableWarmUp.proxy( Proxy(“localhost”, 8080))

setUp( new Scenario()).protocols(httpConfig)

`

I tried to send a GET request to the application A and also provided Bearer token.

But on RedirectProcessor, the Authorization header has been removed.

Auto Generated Inline Image 1.png

Why should we remove it? Could we have an option to keep Authorization header

slandelle · June 12, 2020, 9:51am

Auto Generated Inline Image 1.png

Th_nh_Lam · June 15, 2020, 6:43am

Is the Authorization header removed because it related to a Security issue, or Is it just simply a bug?

Topic		Replies	Views
UAA service DELETE request basic authentication error Gatling (Open-Source)	4	94	December 27, 2013
HTTP 307 doesn't keep headers Gatling (Open-Source)	6	148	January 21, 2015
Failing to set Authorization header Gatling (Open-Source)	4	103	January 9, 2015
Question: why gatling doesn't redirect to link pointed within 302 response header Gatling (Open-Source)	7	118	July 23, 2015
Credentials are not attached to proxy request Gatling (Open-Source)	1	97	December 3, 2019