Verify `server` header (!67) · Merge requests · it-bott-integrasjoner / dfo-sap-client

Trond Aasan requested to merge BOTTINT-47 into master Jul 14, 2022

https://jira.usit.uio.no/browse/BOTTINT-47

DFØ SAP API sets the Server HTTP header. It is less likely we misinterpret the response when we verify this header. Esp. 404 responses are problematic. If we blindly trust a 404 to mean "Resource not found", a configuration error or an error in the API manager may be misinterpreted as "This person doesn't have any permisjoner" instead of throwing an exception.

Edited Oct 26, 2022 by Trond Aasan

Verify `server` header

Merge request reports