chore: use consistent casing for header names (required by openAPI)

Signed-off-by: Ferdinand Thiessen <[email protected]>
nextcloud · provokateurin · Jun 9, 2025 · Jun 7, 2025 · Jun 9, 2025 · Jun 9, 2025
commit 495c364268abc7346b852bf515e39cf34bcb33b1
@@ -107,7 +107,7 @@ public function getPreview(
 		$downloadForbidden = $attributes?->getAttribute('permissions', 'download') === false;
 		// Is this header is set it means our UI is doing a preview for no-download shares
 		// we check a header so we at least prevent people from using the link directly (obfuscation)
-		$isPublicPreview = $this->request->getHeader('X-NC-Preview') === 'true';
+		$isPublicPreview = $this->request->getHeader('x-nc-preview') === 'true';
 
 		if ($isPublicPreview && $downloadForbidden) {
 			// Only cache for 15 minutes on public preview requests to quickly remove from cache

@@ -144,7 +144,7 @@ public function testShareNoDownloadButPreviewHeader() {
 			->willReturn($attributes);
 
 		$this->request->method('getHeader')
-			->with('X-NC-Preview')
+			->with('x-nc-preview')
 			->willReturn('true');
 
 		$file = $this->createMock(File::class);
@@ -184,7 +184,7 @@ public function testShareWithAttributes() {
 			->willReturn($attributes);
 
 		$this->request->method('getHeader')
-			->with('X-NC-Preview')
+			->with('x-nc-preview')
 			->willReturn('true');
 
 		$file = $this->createMock(File::class);

@@ -137,7 +137,7 @@ public function create(
 	): DataResponse {
 		$appId = null;
 		if ($this->session->get('app_api') === true) {
-			$appId = $this->request->getHeader('EX-APP-ID');
+			$appId = $this->request->getHeader('ex-app-id');
 		}
 		try {
 			$authMethod = AuthMethod::from($authMethod ?? AuthMethod::None->value);
@@ -206,7 +206,7 @@ public function update(
 	): DataResponse {
 		$appId = null;
 		if ($this->session->get('app_api') === true) {
-			$appId = $this->request->getHeader('EX-APP-ID');
+			$appId = $this->request->getHeader('ex-app-id');
 		}
 		try {
 			$authMethod = AuthMethod::from($authMethod ?? AuthMethod::None->value);
@@ -271,7 +271,7 @@ public function destroy(int $id): DataResponse {
 	/**
 	 * Remove all existing webhook registration mapped to an AppAPI app id
 	 *
-	 * @param string $appid id of the app, as in the EX-APP-ID for creation
+	 * @param string $appid id of the app, as in the ex-app-id for creation
 	 *
 	 * @return DataResponse<Http::STATUS_OK, int, array{}>
 	 *

@@ -77,7 +77,7 @@ public function getAppPassword(): DataResponse {
 			$password = null;
 		}
 
-		$userAgent = $this->request->getHeader('USER_AGENT');
+		$userAgent = $this->request->getHeader('user-agent');
 
 		$token = $this->random->generate(72, ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS);
 

@@ -65,7 +65,7 @@ public function __construct(
 	}
 
 	private function getClientName(): string {
-		$userAgent = $this->request->getHeader('USER_AGENT');
+		$userAgent = $this->request->getHeader('user-agent');
 		return $userAgent !== '' ? $userAgent : 'unknown';
 	}
 

@@ -293,7 +293,7 @@ private function handleFlowDone(bool $result): StandaloneTemplateResponse {
 	#[OpenAPI(scope: OpenAPI::SCOPE_DEFAULT)]
 	public function init(): JSONResponse {
 		// Get client user agent
-		$userAgent = $this->request->getHeader('USER_AGENT');
+		$userAgent = $this->request->getHeader('user-agent');
 
 		$tokens = $this->loginFlowV2Service->createTokens($userAgent);
 

@@ -152,7 +152,7 @@ private function fetchPreview(
 
 		// Is this header is set it means our UI is doing a preview for no-download shares
 		// we check a header so we at least prevent people from using the link directly (obfuscation)
-		$isNextcloudPreview = $this->request->getHeader('X-NC-Preview') === 'true';
+		$isNextcloudPreview = $this->request->getHeader('x-nc-preview') === 'true';
 		$storage = $node->getStorage();
 		if ($isNextcloudPreview === false && $storage->instanceOfStorage(ISharedStorage::class)) {
 			/** @var ISharedStorage $storage */