Without Spring Security

[jzheaux]

This PR removes Spring Security and demonstrates that the empty header error happens without it.

I noticed that sometimes a different error comes up, also equally inscrutable, related to flawed header writing.

Other than the reported empty headers error, I sometimes saw this:

Caused by: org.springframework.web.reactive.function.UnsupportedMediaTypeException: Content type 'application/octet-stream' not supported for bodyType=com.github.david0.streamedheaderproblem.FooController$Identifier

[david0]

Yes, that reproduces the problem too.

I noticed even the payload is screwed up sometimes:

POST /foo HTTP/1.1
accept-encoding: gzip
user-agent: ReactorNetty/1.1.20
host: localhost:8080
transfer-encoding: chunked
Accept: application/x-ndjson

HTTP/1.1 200 
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Content-Type: application/x-ndjson
X-Frame-Options: DENY
Date: Fri, 09 Aug 2024 05:49:24 GMT

7
{"i":0}
1


0