diff --git a/pkg/authorization/authz.go b/pkg/authorization/authz.go index fd87e9bef0..a1edbcd89d 100644 --- a/pkg/authorization/authz.go +++ b/pkg/authorization/authz.go @@ -5,6 +5,7 @@ import ( "bytes" "fmt" "io" + "mime" "net/http" "strings" @@ -153,7 +154,12 @@ func sendBody(url string, header http.Header) bool { } // body is sent only for text or json messages - return header.Get("Content-Type") == "application/json" + contentType, _, err := mime.ParseMediaType(header.Get("Content-Type")) + if err != nil { + return false + } + + return contentType == "application/json" } // headers returns flatten version of the http headers excluding authorization diff --git a/pkg/authorization/authz_unix_test.go b/pkg/authorization/authz_unix_test.go index d9c7c70e77..cfdb9a0039 100644 --- a/pkg/authorization/authz_unix_test.go +++ b/pkg/authorization/authz_unix_test.go @@ -172,6 +172,66 @@ func TestDrainBody(t *testing.T) { } } +func TestSendBody(t *testing.T) { + var ( + url = "nothing.com" + testcases = []struct { + contentType string + expected bool + }{ + { + contentType: "application/json", + expected: true, + }, + { + contentType: "Application/json", + expected: true, + }, + { + contentType: "application/JSON", + expected: true, + }, + { + contentType: "APPLICATION/JSON", + expected: true, + }, + { + contentType: "application/json; charset=utf-8", + expected: true, + }, + { + contentType: "application/json;charset=utf-8", + expected: true, + }, + { + contentType: "application/json; charset=UTF8", + expected: true, + }, + { + contentType: "application/json;charset=UTF8", + expected: true, + }, + { + contentType: "text/html", + expected: false, + }, + { + contentType: "", + expected: false, + }, + } + ) + + for _, testcase := range testcases { + header := http.Header{} + header.Set("Content-Type", testcase.contentType) + + if b := sendBody(url, header); b != testcase.expected { + t.Fatalf("Unexpected Content-Type; Expected: %t, Actual: %t", testcase.expected, b) + } + } +} + func TestResponseModifierOverride(t *testing.T) { r := httptest.NewRecorder() m := NewResponseModifier(r)