server: avoid overwriting Authorization header (ggml-org#10878)

* server: avoid overwriting Authorization header If no API key is set, leave the Authorization header as is. It may be used by another part of the Web stack, such as an authenticating proxy. Fixes ggml-org#10854 * rebuild --------- Co-authored-by: Xuan Son Nguyen <son@huggingface.co>
mglambda · Mar 8, 2025 · 8027308 · 8027308
1 parent 466f22a
commit 8027308
Show file tree

Hide file tree

Showing 2 changed files with 1 addition and 1 deletion.
diff --git a/examples/server/public/index.html.gz b/examples/server/public/index.html.gz
diff --git a/examples/server/webui/src/main.js b/examples/server/webui/src/main.js
@@ -445,7 +445,7 @@ const mainApp = createApp({
           method: 'POST',
           headers: {
             'Content-Type': 'application/json',
-            'Authorization': this.config.apiKey ? `Bearer ${this.config.apiKey}` : undefined,
+            ...(this.config.apiKey ? {'Authorization': `Bearer ${this.config.apiKey}`} : {})
           },
           body: JSON.stringify(params),
           signal: abortController.signal,