[NT-88] Send client_id in request headers #839
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
📲 What
With requests going to the
v1
API, we would usually send theclient_id
as a query param. For/graph
requests (which are allPOST
requests) we'd rather send theclient_id
in a custom header. For consistency, this PR adds the new custom header to all our requests.🤔 Why
Increased security for
/graph
requests.🛠 How
Added
X-KICKSTARTER-CLIENT
to ourdefaultHeaders
.✅ Acceptance criteria
This can be tested using Charles proxy.
x-kickstarter-client
header appears in/v1
requests (ex. discovery screen)x-kickstarter-client
header appears in/graph
query requests (ex. viewing stored cards)x-kickstarter-client
header appears in/graph
mutation requests (ex. adding a new stored card)