Skip to content

fix: resolve secret references in HTTP headers #284

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
Dumbris merged 1 commit into from
Jan 29, 2026
Merged

fix: resolve secret references in HTTP headers #284

Dumbris merged 1 commit into from
Jan 29, 2026

Conversation

@Josbleuet
Copy link
Contributor

@Josbleuet Josbleuet commented Jan 29, 2026

Fixes the bug where secret references (e.g., ${env:CONTEXT7_API_KEY}) in HTTP headers were not being resolved before passing to upstream servers.

The resolution logic existed for environment variables and arguments but was missing for headers, causing raw placeholder strings to be sent in HTTP requests instead of actual secret values.

Changes:

  • Added header secret resolution in NewClientWithOptions after args resolution
  • Mirrors the same pattern used for env vars and args resolution
  • Added comprehensive test suite with 4 test cases covering:
    • Single secret resolution in headers
    • Multiple secrets in different headers
    • No headers (nil) case
    • Static headers without secret references

This fix enables proper authentication with services like Context7 that require API keys in headers using the secret management system.

Pull Request

Description

Brief description of the changes in this PR.

Testing

  • I have tested these changes locally
  • I have added/updated tests that prove my fix is effective or my feature works
  • All existing tests pass

@Josbleuet @claude
fix: resolve secret references in HTTP headers
7636f0c 
Fixes the bug where secret references (e.g., ${env:CONTEXT7_API_KEY})
in HTTP headers were not being resolved before passing to upstream servers.

The resolution logic existed for environment variables and arguments but
was missing for headers, causing raw placeholder strings to be sent in
HTTP requests instead of actual secret values.

Changes:
- Added header secret resolution in NewClientWithOptions after args resolution
- Mirrors the same pattern used for env vars and args resolution
- Added comprehensive test suite with 4 test cases covering:
  * Single secret resolution in headers
  * Multiple secrets in different headers
  * No headers (nil) case
  * Static headers without secret references

This fix enables proper authentication with services like Context7 that
require API keys in headers using the secret management system.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Dumbris
Dumbris approved these changes Jan 29, 2026
View reviewed changes
Copy link
Contributor

@Dumbris Dumbris left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for your contribution!
This is a clear improvement to the UX.

@Dumbris Dumbris merged commit 05fc9b1 into smart-mcp-proxy:main Jan 29, 2026
22 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Dumbris Dumbris Dumbris approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Josbleuet @Dumbris