httpx_auth icon indicating copy to clipboard operation
httpx_auth copied to clipboard

Published 20 hours ago verified publisher icon Colin-b

Question: Why define headers to sign

Open FlorianLudwig opened this issue 3 years ago • 2 comments

From reading the code of botocore it seems that they sign all headers except those in a blacklist:

SIGNED_HEADERS_BLACKLIST = [
    'expect',
    'user-agent',
    'x-amzn-trace-id',
]

httpx_auth on the other hand works with a include list approach.

Why?

FlorianLudwig avatar Feb 16 '22 13:02 FlorianLudwig

Hi @FlorianLudwig,

Could you tell me what the issue is with this behavior?

ie: you need to exclude some header because of a specific issue?

Colin-b avatar Feb 16 '22 21:02 Colin-b

Hi @Colin-b ,

I don't have an issue or specific use case. I was just comparing what boto does with what your code does. And wondered why they behave differently.

FlorianLudwig avatar Apr 29 '22 14:04 FlorianLudwig

Hi @FlorianLudwig , latest version now behaves as documented by AWS. You can specify "*" in the headers to include if you want all of them.

Colin-b avatar Feb 17 '24 19:02 Colin-b