@azure/msal-browser
Version:
Microsoft Authentication Library for js
57 lines (54 loc) • 2.24 kB
JavaScript
/*! @azure/msal-browser v5.11.0 2026-05-19 */
;
import { CustomHeaderConstants } from '../../CustomAuthConstants.mjs';
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
/**
* Filters the headers returned by a {@link CustomAuthRequestInterceptor},
* keeping only those that conform to the custom-auth header naming rules.
*
* Rules (mirrors the iOS / Android native auth implementations):
* - Header names must start with `x-` (case-insensitive); others are dropped.
* - Header names that start with any reserved prefix (`x-client-`, `x-ms-`,
* `x-broker-`, `x-app-`) are dropped.
* - Headers with empty/whitespace-only names or null/undefined values are dropped.
*
* Dropped headers are logged as warnings (PII-safe) when a logger is provided.
*
* @param headers - Raw headers returned by the interceptor.
* @param logger - Optional logger used to emit warnings for dropped headers.
* @param correlationId - Optional correlation id forwarded to the logger.
* @returns A new record containing only the headers that pass the filter,
* preserving the original casing of header names.
*/
function filterCustomHeaders(headers, logger, correlationId) {
const filtered = {};
if (!headers) {
return filtered;
}
for (const [name, value] of Object.entries(headers)) {
if (!name || value === undefined || value === null) {
continue;
}
const trimmedName = name.trim();
if (!trimmedName) {
continue;
}
const lowerName = trimmedName.toLowerCase();
if (!lowerName.startsWith(CustomHeaderConstants.REQUIRED_PREFIX)) {
logger?.warningPii("0vzpop", correlationId ?? "");
continue;
}
const reservedPrefix = CustomHeaderConstants.RESERVED_PREFIXES.find((prefix) => lowerName.startsWith(prefix));
if (reservedPrefix) {
logger?.warningPii("1m3lhk", correlationId ?? "");
continue;
}
filtered[trimmedName] = value;
}
return filtered;
}
export { filterCustomHeaders };
//# sourceMappingURL=CustomHeaderUtils.mjs.map