Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.Sign up
[HttpClient] strengthen bearer validation #30561
Mar 14, 2019
In my experience, when using bearer tokens and Guzzle I passed the token "as is". Will this change require us to do a manual
It looks cumbersome and too low-level. Also, Basic authentication is base64-encoded when including it as a HTTP header, but we don't force users to do a
I agree with Nico's main argument about potential security issues ... but we can instead throw an error when the token doesn't include "normal" characters.