Fix header validation per RFC 7230 and add null check
Address Copilot AI feedback: - Remove underscore support from header names (RFC 7230 compliance) - Add explicit null check for JSON parsing - Update validation regex to /^[A-Za-z0-9-]+$/ - Add test case for null value handling - Update documentation to clarify header name requirements Changes: - Header names now only accept alphanumeric characters and hyphens - Improved error messages for invalid headers - Added test for null JSON input - Updated APIM example tests All 81 tests passing.
This commit is contained in:
@@ -200,6 +200,8 @@ steps:
|
||||
- **Observability**: Add metadata for logging, monitoring, and debugging
|
||||
- **Routing**: Control request routing through custom gateways or load balancers
|
||||
|
||||
**Header name requirements**: Header names must contain only alphanumeric characters and hyphens (following RFC 7230). Underscores and other special characters are not allowed.
|
||||
|
||||
**Security note**: Always use GitHub secrets for sensitive header values like API keys, tokens, or passwords. The action automatically masks common sensitive headers (containing `key`, `token`, `secret`, `password`, or `authorization`) in logs.
|
||||
|
||||
### GitHub MCP Integration (Model Context Protocol)
|
||||
|
||||
Reference in New Issue
Block a user