node: match auth-schema case insensitively (#35022)

This commit is contained in:
cui 2026-07-03 00:18:58 +08:00 committed by GitHub
parent 448515a448
commit f9417bb279
No known key found for this signature in database
GPG key ID: B5690EEEBB952194

View file

@ -47,7 +47,7 @@ func (handler *jwtHandler) ServeHTTP(out http.ResponseWriter, r *http.Request) {
strToken string
claims jwt.RegisteredClaims
)
if auth := r.Header.Get("Authorization"); strings.HasPrefix(auth, "Bearer ") {
if auth := r.Header.Get("Authorization"); len(auth) >= 7 && strings.EqualFold(auth[:7], "bearer ") {
strToken = strings.TrimPrefix(auth, "Bearer ")
}
if len(strToken) == 0 {