Action output to external HTTP server - authorization header issue

[pycan-jouza]

What happened?

I've got a flow that based on incoming topic message notifies external HTTP server. The problem is with authorization header. Upon saving the header value, the value turns to ******.

I thought this is just the security feature of the web UI to not expose any sensitive values. After crazy amount of hours debugging, I've found out that the header value ACTUALLY is ******. That's what's being sent to external server. Naturally, the authentication always fails.

What did you expect to happen?

Header value that user entered should be used, not ******.

How can we reproduce it (as minimally and precisely as possible)?

No response

Anything else we need to know?

No response

EMQX version

version
5.6.0

OS version

# On Linux:
$ cat /etc/os-release
# paste output here
$ uname -a
# paste output here

Log files

[keynslug]

Hi @pycan-jouza, thanks for reporting.

I can confirm that this currently happens when one makes changes to the existing HTTP connector (or Webhook) configuration that already has some sensitive header configured. We'll work on the fix, but in the meantime you could try to resupply the authorization header value during editing, or conduct changes through the API.

[thalesmg]

Hi @pycan-jouza , thanks for your report. This bug shall be fixed when we release 5.7.0.