ronething opened a new issue, #11126: URL: https://github.com/apache/apisix/issues/11126
### Current Behavior when use duplicate signature header, hmac auth plugin will panic and return 500 ### Expected Behavior In APISIX, most of the obtained headers are used directly as strings. Only a few scenarios may be used as arrays, which need to be checked to ensure that the data is used as expected to avoid errors. If it's a bug, please assign this issue to me, we can change `core.request.header` function return string instead of table to avoid this problem. ### Error Logs  ### Steps to Reproduce 1、run apisix with master branch 2、add duplicate signature header in `TEST 16: verify: invalid signature` to file `t/plugin/hmac-auth.t` ``` --- more_headers X-HMAC-SIGNATURE: asdf X-HMAC-SIGNATURE: asdf ``` 3、run test case for `t/plugin/hmac-auth.t`, and you can see 500 Internal Server Error ### Environment - APISIX version (run `apisix version`): - Operating system (run `uname -a`): - OpenResty / Nginx version (run `openresty -V` or `nginx -V`): - etcd version, if relevant (run `curl http://127.0.0.1:9090/v1/server_info`): - APISIX Dashboard version, if relevant: - Plugin runner version, for issues related to plugin runners: - LuaRocks version, for installation issues (run `luarocks --version`): -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
