From cfd48b3b2ec0fccfc162197518694ed59ceda22c Mon Sep 17 00:00:00 2001
From: Niko Korvenlaita <Nipsuli@users.noreply.github.com>
Date: Wed, 16 Oct 2024 15:56:36 +0300
Subject: [PATCH] feat: allow http calls without origin header (#1941)

---
 .changes/http-allow-skip-origin.md | 6 ++++++
 plugins/http/src/commands.rs       | 8 ++++++++
 2 files changed, 14 insertions(+)
 create mode 100644 .changes/http-allow-skip-origin.md

diff --git a/.changes/http-allow-skip-origin.md b/.changes/http-allow-skip-origin.md
new file mode 100644
index 00000000..99062245
--- /dev/null
+++ b/.changes/http-allow-skip-origin.md
@@ -0,0 +1,6 @@
+---
+"http": "patch"
+"http-js": "patch"
+---
+
+Allow skipping sending `Origin` header in HTTP requests by setting `Origin` header to an empty string when calling `fetch`.
diff --git a/plugins/http/src/commands.rs b/plugins/http/src/commands.rs
index cda21bd5..39a68973 100644
--- a/plugins/http/src/commands.rs
+++ b/plugins/http/src/commands.rs
@@ -264,6 +264,14 @@ pub async fn fetch<R: Runtime>(
                     }
                 }
 
+                // In case empty origin is passed, remove it. Some services do not like Origin header
+                // so this way we can remove it in explicit way. The default behaviour is still to set it
+                if cfg!(feature = "unsafe-headers")
+                    && headers.get(header::ORIGIN) == Some(&HeaderValue::from_static(""))
+                {
+                    headers.remove(header::ORIGIN);
+                };
+
                 if let Some(data) = data {
                     request = request.body(data);
                 }