Can't detect non present header fields #489

New Issue

Closed

opened 2025-12-29 15:25:04 +01:00 by adam · 5 comments

adam commented 2025-12-29 15:25:04 +01:00

Owner

Copy Link

Originally created by @MichaelIDS on GitHub (Feb 16, 2023).

I was trying to do bad/missing header field detection.
I could detect the values of a header fine when it was present, however, I can't seem to get anything to trigger when it's not present.
I lifted the below api-key check from the Wiki, but for me this doesn't ever trigger.

{
        "Swagger Doc Title": "Bad Request",
        "Comment": "Bad JWT token",
        "Priority": 1,
        "Request": {
            "Path": {
                "Matchers": [
                    {
                        "Name": "ExactMatcher",
                        "Pattern": "/timeEntry"
                    }
                ]
            },
            "Headers": [
                {
                    "Name": "api-key",
                    "Matchers": [
                        {
                            "Name": "WildcardMatcher",
                            "Pattern": "*",
                            "IgnoreCase": true,
                            "RejectOnMatch": true
                        }
                    ]
                }
            ]
        },
        "Response": {
            "StatusCode": 400,
            "Headers": {
                "Content-Type": "application/json"
            },
            "BodyAsJson": {
                "errorMessage": "Validation exception",
                "status": 400,
                "WireMock reason": "Bad Authorization bearer token"
            },
            "UseTransformer": false
        }
    }

Log output for sample request without this Header field provided.

{
  "Guid": "a5054f98-75e7-4b04-b110-0ed2e53b3ece",
  "Request": {
    "ClientIP": "::1",
    "DateTime": "2023-02-16T14:03:06.5702065Z",
    "Path": "/timeEntry",
    "AbsolutePath": "/timeEntry",
    "Url": "http://localhost:9091/timeEntry",
    "AbsoluteUrl": "http://localhost:9091/timeEntry",
    "ProxyUrl": null,
    "Query": {},
    "Method": "POST",
    "Headers": {
      "Postman-Token": [
        "89b82b0b-8fa9-4185-8240-945029798d16"
      ],
      "Connection": [
        "keep-alive"
      ],
      "Content-Length": [
        "54"
      ],
      "Content-Type": [
        "application/json"
      ],
      "Accept": [
        "*/*"
      ],
      "Accept-Encoding": [
        "gzip, deflate, br"
      ],
      "Host": [
        "localhost:9091"
      ],
      "User-Agent": [
        "PostmanRuntime/7.31.0"
      ]
    },
    "Cookies": {},
    "Body": "{\n  \"username\": \"username\",\n  \"password\": \"password\"\n}",
    "BodyAsJson": {
      "username": "username",
      "password": "password"
    },
    "BodyAsBytes": null,
    "BodyEncoding": {
      "CodePage": 65001,
      "EncodingName": "Unicode (UTF-8)",
      "WebName": "utf-8"
    },
    "DetectedBodyType": "Json",
    "DetectedBodyTypeFromContentType": "Json"
  },
  "Response": {
    "StatusCode": 404,
    "Headers": {
      "Content-Type": [
        "application/json"
      ]
    },
    "BodyDestination": null,
    "Body": null,
    "BodyAsJson": {
      "Guid": null,
      "Status": "No matching mapping found"
    },
    "BodyAsBytes": null,
    "BodyAsFile": null,
    "BodyAsFileIsCached": null,
    "BodyOriginal": null,
    "BodyEncoding": null,
    "DetectedBodyType": 2,
    "DetectedBodyTypeFromContentType": null,
    "FaultType": null,
    "FaultPercentage": null
  },
  "MappingGuid": null,
  "MappingTitle": null,
  "RequestMatchResult": null,
  "PartialMappingGuid": "35eda15f-6568-4a71-8fb7-a98d2eea1be4",
  "PartialMappingTitle": null,
  "PartialRequestMatchResult": {
    "TotalScore": 3.0,
    "TotalNumber": 4,
    "IsPerfectMatch": false,
    "AverageTotalScore": 0.75,
    "MatchDetails": [
      {
        "Name": "PathMatcher",
        "Score": 0.0
      },
      {
        "Name": "MethodMatcher",
        "Score": 1.0
      },
      {
        "Name": "HeaderMatcher",
        "Score": 1.0
      },
      {
        "Name": "BodyMatcher",
        "Score": 1.0
      }
    ]
  }
}

Originally created by @MichaelIDS on GitHub (Feb 16, 2023). I was trying to do bad/missing header field detection. I could detect the values of a header fine when it was present, however, I can't seem to get anything to trigger when it's not present. I lifted the below api-key check from the Wiki, but for me this doesn't ever trigger. ``` json { "Swagger Doc Title": "Bad Request", "Comment": "Bad JWT token", "Priority": 1, "Request": { "Path": { "Matchers": [ { "Name": "ExactMatcher", "Pattern": "/timeEntry" } ] }, "Headers": [ { "Name": "api-key", "Matchers": [ { "Name": "WildcardMatcher", "Pattern": "*", "IgnoreCase": true, "RejectOnMatch": true } ] } ] }, "Response": { "StatusCode": 400, "Headers": { "Content-Type": "application/json" }, "BodyAsJson": { "errorMessage": "Validation exception", "status": 400, "WireMock reason": "Bad Authorization bearer token" }, "UseTransformer": false } } ``` Log output for sample request without this Header field provided. ```json { "Guid": "a5054f98-75e7-4b04-b110-0ed2e53b3ece", "Request": { "ClientIP": "::1", "DateTime": "2023-02-16T14:03:06.5702065Z", "Path": "/timeEntry", "AbsolutePath": "/timeEntry", "Url": "http://localhost:9091/timeEntry", "AbsoluteUrl": "http://localhost:9091/timeEntry", "ProxyUrl": null, "Query": {}, "Method": "POST", "Headers": { "Postman-Token": [ "89b82b0b-8fa9-4185-8240-945029798d16" ], "Connection": [ "keep-alive" ], "Content-Length": [ "54" ], "Content-Type": [ "application/json" ], "Accept": [ "*/*" ], "Accept-Encoding": [ "gzip, deflate, br" ], "Host": [ "localhost:9091" ], "User-Agent": [ "PostmanRuntime/7.31.0" ] }, "Cookies": {}, "Body": "{\n \"username\": \"username\",\n \"password\": \"password\"\n}", "BodyAsJson": { "username": "username", "password": "password" }, "BodyAsBytes": null, "BodyEncoding": { "CodePage": 65001, "EncodingName": "Unicode (UTF-8)", "WebName": "utf-8" }, "DetectedBodyType": "Json", "DetectedBodyTypeFromContentType": "Json" }, "Response": { "StatusCode": 404, "Headers": { "Content-Type": [ "application/json" ] }, "BodyDestination": null, "Body": null, "BodyAsJson": { "Guid": null, "Status": "No matching mapping found" }, "BodyAsBytes": null, "BodyAsFile": null, "BodyAsFileIsCached": null, "BodyOriginal": null, "BodyEncoding": null, "DetectedBodyType": 2, "DetectedBodyTypeFromContentType": null, "FaultType": null, "FaultPercentage": null }, "MappingGuid": null, "MappingTitle": null, "RequestMatchResult": null, "PartialMappingGuid": "35eda15f-6568-4a71-8fb7-a98d2eea1be4", "PartialMappingTitle": null, "PartialRequestMatchResult": { "TotalScore": 3.0, "TotalNumber": 4, "IsPerfectMatch": false, "AverageTotalScore": 0.75, "MatchDetails": [ { "Name": "PathMatcher", "Score": 0.0 }, { "Name": "MethodMatcher", "Score": 1.0 }, { "Name": "HeaderMatcher", "Score": 1.0 }, { "Name": "BodyMatcher", "Score": 1.0 } ] } } ```

adam added the question label 2025-12-29 15:25:04 +01:00

adam closed this issue 2025-12-29 15:25:04 +01:00

adam commented 2025-12-29 15:25:05 +01:00

Author

Owner

Copy Link

@MichaelIDS commented on GitHub (Feb 16, 2023):

I also tried a simple ExactMatcher and neither RejectOnMatch true or false matched.
If I remove the header check entirely then it matches, so I know the path element is correct.

"Headers": [
                {
                    "Name": "api-key",
                    "Matchers": [
                        {
                            "Name": "ExactMatcher",
                            "Pattern": "",
                            "IgnoreCase": true,
                            "RejectOnMatch": false
                        }
                    ]
                }
            ]

Built against WireMock 1.5.16 from NuGet.

@MichaelIDS commented on GitHub (Feb 16, 2023): I also tried a simple ExactMatcher and neither RejectOnMatch true or false matched. If I remove the header check entirely then it matches, so I know the path element is correct. ``` json "Headers": [ { "Name": "api-key", "Matchers": [ { "Name": "ExactMatcher", "Pattern": "", "IgnoreCase": true, "RejectOnMatch": false } ] } ] ``` Built against WireMock 1.5.16 from NuGet.

adam commented 2025-12-29 15:25:06 +01:00

Author

Owner

Copy Link

@MichaelIDS commented on GitHub (Feb 17, 2023):

As a workaround I set a requirement on my valid response for a wildcard result "*" for this header, thus stopping a request missing it from reaching the valid response matcher. It does mean that it ends up in my final generic catch-all bad request mapping, which is less ideal, but documentable.

EDIT: I have ended up with a second catch-all request handler to differentiate requests missing this header from any other unhandled bad requests. But I hoped to avoid this as it means I have duplication of request requirement logic across multiple mappings.

@MichaelIDS commented on GitHub (Feb 17, 2023): As a workaround I set a requirement on my valid response for a wildcard result "*" for this header, thus stopping a request missing it from reaching the valid response matcher. It does mean that it ends up in my final generic catch-all bad request mapping, which is less ideal, but documentable. EDIT: I have ended up with a second catch-all request handler to differentiate requests missing this header from any other unhandled bad requests. But I hoped to avoid this as it means I have duplication of request requirement logic across multiple mappings.

adam commented 2025-12-29 15:25:06 +01:00

Author

Owner

Copy Link

@StefH commented on GitHub (Mar 23, 2023):

@MichaelIDS
From your logging:

It seems that the path is not matched, which means that the whole mapping is not matched.

@StefH commented on GitHub (Mar 23, 2023): @MichaelIDS From your logging:  It seems that the path is not matched, which means that the whole mapping is not matched.

adam commented 2025-12-29 15:25:07 +01:00

Author

Owner

Copy Link

@MichaelIDS commented on GitHub (Mar 23, 2023):

In the log it has the path captured and it looks identical to the stub definition in the original message here to me.

@MichaelIDS commented on GitHub (Mar 23, 2023): In the log it has the path captured and it looks identical to the stub definition in the original message here to me.

adam commented 2025-12-29 15:25:07 +01:00

Author

Owner

Copy Link

@StefH commented on GitHub (Mar 23, 2023):

@MichaelIDS
I did some testing and this works, but you have to configure the mapping for the header in a different way.

It should be:

"Headers": [
                {
                    "Name": "api-key",
                    "IgnoreCase": true,
                    "RejectOnMatch": true
                }
            ]

This means that when the header-key ("api-key") or "API-Key" (ignorecase = true) is missing the header mapping will match because RejectOnMatch is true.

I'll add this to the wiki.

@StefH commented on GitHub (Mar 23, 2023): @MichaelIDS I did some testing and this works, but you have to configure the mapping for the header in a different way. It should be: ``` json "Headers": [ { "Name": "api-key", "IgnoreCase": true, "RejectOnMatch": true } ] ``` This means that when the header-key ("api-key") or "API-Key" (ignorecase = true) is missing the header mapping will match because RejectOnMatch is true. I'll add this to the wiki.

adam referenced this issue 2025-12-29 15:34:23 +01:00

[PR #492] [MERGED] Mark FluentMockServer, FluentMockServerSettings, BlacklistedHeaders and BlacklistedCookies as obsolete #940

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

master

mime-part-matcher

version-2.x

MappingSerializer

1341-mapping-json

stef-aspire-tests-updates

bug/973-TinyMapper

bug/1149-AppendGuidToSavedMappingFile

feature/1150-DockerImageVersion

61

stef-1108

stef-1097

stef-1083-MessageOptions_Type_Conflict

stef-1062-logger

stef-IgnoreOpenApiErrors

stef-928-TypeLoadException-FluentAssertions-net472

nunit

stef-849

stef-847-regex-questionmark

http_verb

WireMockServerContext

webapp

ai

CommandLineArgumentsParser

1.23.0

1.22.0

1.21.0

1.20.0

1.19.0

1.18.0

1.17.0

1.16.0

1.15.0

1.14.0

1.13.0

1.12.0

1.11.2

1.11.0

1.10.1

1.10.0

1.9.1

1.9.0

1.8.18

1.8.17

1.8.16

1.8.15

1.8.14

1.8.13

1.8.12

1.8.11

1.8.10

1.8.9

1.8.8

1.8.7

1.8.6

1.8.5

1.8.3

1.8.2

1.8.1

1.8.0

1.7.4

1.7.3

1.7.2

1.7.1

1.7.0

1.6.12

1.6.11

1.6.10

1.6.9

1.6.8

1.6.7

1.6.6

1.6.5

1.6.4

1.6.3

1.6.2

1.6.1

1.6.0

1.5.62

1.5.61

1.5.60

1.5.59

1.5.58

1.5.57

1.5.56

1.5.55

1.5.54

1.5.53

1.5.52

1.5.51

1.5.50

1.5.49

1.5.48

1.5.47

1.5.46

1.5.45

1.5.44

1.5.43

1.5.42

1.5.41

1.5.40

1.5.39

1.5.38

1.5.37

1.5.36

1.5.35

1.5.34

1.5.33

1.5.32

1.5.31

1.5.30

1.5.29

1.5.28

1.5.27

1.5.26

1.5.25

1.5.24

1.5.23

1.5.22

1.5.21

1.5.20

1.5.19

1.5.18

1.5.17

1.5.16

1.5.15

1.5.14

1.5.13

1.5.12

1.5.11

1.5.10

1.5.9

1.5.8

1.5.7

1.5.6

1.5.5

1.5.4

1.5.3

1.5.2

1.5.1

1.5.0

1.4.43

1.4.42

1.4.41

1.4.40

1.4.39

1.4.38

1.4.37

1.4.36

1.4.35

1.4.34

1.4.33

1.4.32

1.4.31

1.4.30

1.4.29

1.4.28

1.4.27

1.4.26

1.4.25

1.4.24

1.4.23

1.4.22

1.4.21

1.4.20

1.4.19

1.4.18

1.4.17

1.4.16

1.4.15

1.4.14

1.4.13

1.4.12

1.4.11

1.4.10

1.4.9

1.4.8

1.4.7

1.4.6

1.4.5

1.4.4

1.4.3

1.4.2

1.4.1

1.4.0

1.3.10

1.3.9

1.3.8

1.3.6

1.3.5

1.3.4

1.3.3

1.3.2

1.3.1

1.3.0

1.2.18

1.2.17

1.2.16

1.2.15

1.2.14

1.2.13

1.2.12

1.2.11.0

1.2.10

1.2.9.0

1.2.8.0

1.2.7.0

1.2.6.0

1.2.5.0

1.2.4.0

1.2.3.0

1.2.2.0

1.2.1.0

1.2.0.0

1.1.10

1.1.9.0

1.1.8.0

1.1.7.0

1.1.6.0

1.1.5.0

1.1.3.0

1.1.2.0

1.1.1.0

1.1.0.0

1.0.43.0

1.0.42.0

1.0.41.0

1.0.40.0

1.0.39.0

1.0.38.0

1.0.37.0

1.0.36.0

1.0.35.0

1.0.34.0

1.0.33.0

1.0.32.0

1.0.31.0

1.0.29.0

1.0.28.0

1.0.25.0

1.0.24.0

1.0.23.0

1.0.22.0

1.0.21.0

1.0.20.0

1.0.19.0

1.0.18.0

1.0.17.0

1.0.16.0

1.0.15.0

1.0.14.0

1.0.13.0

1.0.12.0

1.0.11.0

1.0.10.0

1.0.9.0

1.0.8.0

1.0.7.0

1.0.6.1

1.0.6

1.0.5

1.0.4.21

1.0.4.20

1.0.4.19

1.0.4.18

1.0.4.17

1.0.4.16

1.0.4.15

1.0.4.14

1.0.4.13

1.0.4.12

1.0.4.11

1.0.4.10

1.0.4.9

1.0.4.8

1.0.4.7

1.0.4.6

1.0.4.5

1.0.4.4

1.0.4.3

1.0.4.2

1.0.4.1

1.0.4.0

1.0.3.20

1.0.3.19

1.0.3.18

1.0.3.17

1.0.3.16

1.0.3.15

1.0.3.14

1.0.3.13

1.0.3.12

1.0.3.11

1.0.3.10

1.0.3.9

1.0.3.8

1.0.3.7

1.0.3.6

1.0.3.5

1.0.3.4

1.0.3.3

1.0.3.2

1.0.3.1

1.0.3.0

1.0.2.13

1.0.2.12

1.0.2.11

1.0.2.10

1.0.2.9

1.0.2.8

1.0.2.7

1.0.2.6

1.0.2.5

1.0.2.4

1.0.2.1

1.0.2.0

1.0.1.5

1.0.1.3

1.0.1.2

1.0.1.1

1.0.0.0

Labels

Clear labels

bug

bug

doc

doc

duplicate

feature

feature

invalid

pull-request

Mirrored from GitHub Pull Request

question

wontfix

No Label question

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

adam

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/WireMock.Net-wiremock#489