Validate Response Headers

[herwind]

Hi! Is there a way to validate Headers defined in the swagger definition file?. I defined Headers for 201 response, but swagger's validator does not thrown any schema validation issue when headers are not sent.

  responses:
    '201':
      description: User registered but not confirmed
      schema:
        "$ref": "#/definitions/UserRegister"
      headers:
        x-confirmation-token:
          type: string
          description: Confirmation token generated
        x-confirmation-email:
          type: string
          description: Confirmation email submited

By the way, thanks for this awsome library!

[whitlockjc]

It should be happening but upon looking at the code, I don't see it. I'll write a unit test and go from there.

[whitlockjc]

I reached out to @webron to get his opinion on if response headers are required to be sent (and should be validated as such) or if they are optional (and should be validated when present). Here is what he said:

I would say no. If you look at the description of the Response Object, it says `A list of
headers that are sent with the response.` suggesting they must exist. If you look at the
Headers Object, the description says `Lists the headers that can be sent as part of a
response.` which is less strict.

He also suggested a great idea, making this a configuration option. Thoughts?

[herwind]

Thanks @whitlockjc @webron's idea sounds great! I undesrtand @webron point about Headers Object description.

Now, for this idea:

• It should validate response header even if response is not going to be validated? middleware.swaggerValidator({validateResponse: false; validateResponseHeader: true}); // Do not validate response headers
• It should validate response header only if response is going to be validated? (this makes sense) middleware.swaggerValidator({validateResponse: true; validateResponseHeader: true}); // It will validate response header