From 9dd62746fffde2f075e4952d074e4146cbf91e64 Mon Sep 17 00:00:00 2001
From: Niko Korvenlaita <n.p.ahonen@gmail.com>
Date: Mon, 14 Oct 2024 14:28:13 +0300
Subject: [PATCH] Allow http calls without origin header

Example Clerk auth provider does not work when both Authorization and
Origin headers are set. This allows one to skip setting the origin
header explicitly.
---
 plugins/http/src/commands.rs | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/plugins/http/src/commands.rs b/plugins/http/src/commands.rs
index cda21bd5..39a68973 100644
--- a/plugins/http/src/commands.rs
+++ b/plugins/http/src/commands.rs
@@ -264,6 +264,14 @@ pub async fn fetch<R: Runtime>(
                     }
                 }
 
+                // In case empty origin is passed, remove it. Some services do not like Origin header
+                // so this way we can remove it in explicit way. The default behaviour is still to set it
+                if cfg!(feature = "unsafe-headers")
+                    && headers.get(header::ORIGIN) == Some(&HeaderValue::from_static(""))
+                {
+                    headers.remove(header::ORIGIN);
+                };
+
                 if let Some(data) = data {
                     request = request.body(data);
                 }