Assigning `defaults.headers.common = { 'User-Agent': ... }` replaced the
entire common headers object, nuking axios's built-in default:
Accept: application/json, text/plain, */*
This caused servers relying on content-negotiation to receive requests
with no Accept header. Fix by extending the existing object with a
property assignment instead.
Add regression tests for both electron and CLI axios instances verifying
that Accept is preserved and User-Agent is set correctly.
Co-authored-by: Pragadesh-45 <temporaryg7904@gmail.com>
* fix(oauth2): prevent false callback matches on root path URLs and handle errors first
Move error check before callback URL matching in onWindowRedirect so
OAuth error responses are rejected immediately. Remove redundant error
param check from matchesCallbackUrl and require a code param or hash
fragment to match, preventing false positives on intermediate pages
when the callback URL is a root path like https://hostname/.
* fix(oauth2): clarify error handling comment
Remove "on the callback URL" from comment since error checking
now happens before callback URL matching.
* feat(): support multipart mixed
fix: support vars interpolation on mixed multi-part
Update packages/bruno-electron/src/ipc/network/interpolate-vars.js
Co-authored-by: Timon <39559178+Its-treason@users.noreply.github.com>
refactor: use startsWith
feat: best effort for other multipart/* contentypes
* feat: enhance variable interpolation for multipart requests
- Updated `interpolateVars` function to support interpolation in multipart/form-data and multipart/mixed requests.
- Added handling for empty multipart arrays and parts with missing or undefined values.
- Improved type checks for content types to ensure proper interpolation behavior.
Includes new tests to validate the interpolation functionality for multipart requests.
* fix: normalize error handling in sendRequest and improve test reliability
---------
Co-authored-by: Alfonso Presa <alfonso-presa@users.noreply.github.com>
* Fix -bin header handling in grpc
* fix: bin-header, tests
rm: tests
rm: unused
fix: bin header
fix: test
fix: test
rm: un-necessarycode
---------
Co-authored-by: Juan Pablo Orsay <jporsay@gmail.com>
* Import WSDL to bruno collection
* feat(wsdl-import): remove unused code and minor refactor
---------
Co-authored-by: Bijin Bruno <bijin@usebruno.com>
By default Axios will set the Content-Type for POST/PUT/PATCH requests
to "application/x-www-form-urlencoded" if the Content-Type header is not
specified.
This explicitly sets the content type to "false" when there the body
mode is set to "none", and the user has not set an explicit content type
themselves. Setting the content type to false directs Axios not to send
a Content-Type header.
* Now the form-url-encoded params in the body can contain multiple values with same name.
* Updated the tests and renamed the function name
* Added the inimported function
* Minor changes.
* Check OAuth2 redirect URL for matching callback URL and authorization code in query parameters
In an Authorization code flow, there may be multiple intermediate redirects before reaching the final one which matches the callback URL and has a code in the query params.
We should wait until we see a redirect URI that matches both the conditions. This fixes the issue where, when a redirect contains `code` as a query param but is not the final one (i.e., is not to the callback URL) an error is thrown saying the callback URL is invalid.
Fixes#2147
* Add test cases for callback URL check
* Update check to cover URLs with same host but different endpoints
* fix(#1143): Fix PR #971 - Add literal-segment notation in string only to variables that are not process env vars
* fix(#1143): Fix PR #971 - Add to CLI as well
* fix(#1143): Fix PR #971 - Use improved Regex after CR + add test case for escaped vars
