View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0035286 | mantisbt | api rest | public | 2025-02-01 04:53 | 2025-02-02 09:18 |
Reporter | dregad | Assigned To | |
Priority | normal | Severity | feature | Reproducibility | have not tried |
Status | confirmed | Resolution | open |
Summary | 0035286: REST API: follow Standards for Authorization header |
Description | Our implementation of API tokens in Authorization header is not compliant with the standard defined by RFC-9110, which requires that an authentication scheme is specified before the actual credentials, while we expect just We need to
See MDN reference on Authorization header and Authentication schemes for more practical information on the standard. |
Additional Information | Follows discussion in PR https://github.com/mantisbt/mantisbt/pull/2071 |
Tags | No tags attached. |