Treatment of x-requested-with header

I have an existing REST service and a hosting server that requires the x-requested-with header to accept requests. And I need to define the swagger document for this service.

I don't want to include this x-requested-with header in the application's description because it is not part of the application's API but rather of the hosting server. At the same time, I would like to make the swagger clients such as swagger-ui (e.g., when the swagger file is retrieved from the hosting server and opened in swagger-ui) be able to include this header when making requests.

Unfortunately, swagger-ui does not allow a non-declared header to be added to the requests. So, one approach would be to add a dummy apiKey security definition in the swagger file as in

    "securityDefinitions": {
...
        "XRequestedWith": {
            "type": "apiKey",
            "in": "header",
            "name": "x-requested-with"
        }
    },
    "securityRequirement": [
...
        {
            "XRequestedWith": []
        }
    ]

and activate this apiKey to force including this header. Would this be a recommended approach or are there better approaches?

Regards, aki

Forum Discussion

Treatment of x-requested-with header

Related Content

how to send a post request with x-www-form-urlencoded (adaptation from postman request)

Missing header

Copy and Paste Headers v3.42.0

Need to send header with Basic Auth

Missing Required Headers error

Recent Discussions

Should the Curl command show the path to the file to be uploaded

ID_TOKEN as the header in the Google OAUTH2.0

How to hide an endpoint from openaopi 3.0

I can't see the "add item" button in swagger UI

Swagger Convertor Gateway Time-out