remove x-gitbook-token-placeholder for http

Author: nolannbiron

packages/react-openapi/src/util/tryit-prefill.test.ts

@@ -419,8 +419,8 @@ describe('resolvePrefillCodePlaceholderFromSecurityScheme (integration style)',
     it('should prioritize x-gitbook-prefill over x-gitbook-token-placeholder when both are present', () => {
         const result = resolvePrefillCodePlaceholderFromSecurityScheme({
             security: {
-                type: 'http',
-                scheme: 'bearer',
+                type: 'apiKey',
+                in: 'header',
                 'x-gitbook-prefill': '{{ visitor.claims.apiToken }}',
                 'x-gitbook-token-placeholder': 'API_TOKEN_KEY',
             },
@@ -441,6 +441,19 @@ describe('resolvePrefillCodePlaceholderFromSecurityScheme (integration style)',
 
         expect(result).toBe('YOUR_API_KEY_HERE');
     });
+
+    it('should not use x-gitbook-token-placeholder for http scheme', () => {
+        const result = resolvePrefillCodePlaceholderFromSecurityScheme({
+            security: {
+                type: 'http',
+                scheme: 'bearer',
+                'x-gitbook-token-placeholder': 'YOUR_API_KEY_HERE',
+            },
+            defaultPlaceholderValue: 'YOUR_API_TOKEN',
+        });
+
+        expect(result).toBe('YOUR_API_TOKEN');
+    });
 });
 
 describe('resolveURLWithPrefillCodePlaceholdersFromServer', () => {

packages/react-openapi/src/util/tryit-prefill.ts

@@ -178,7 +178,8 @@ export function resolvePrefillCodePlaceholderFromSecurityScheme(args: {
 
     if (prefillExprParts.length === 0) {
         // If no x-gitbook-prefill, check for x-gitbook-token-placeholder
-        if (security['x-gitbook-token-placeholder']) {
+        // We also disable it for http schemes to avoid confusion with the Authorization header.
+        if (security.type !== 'http' && security['x-gitbook-token-placeholder']) {
             return security['x-gitbook-token-placeholder'];
         }
         return defaultPlaceholderValue ?? '';