Fix inconsistent and invalid header names
Raise CR
Analysis
Execution
Raise CR
Analysis
Execution
Description
Activity
Show:
Erik Sundvall November 4, 2024 at 5:56 PM
@Erik Åström this was discussed briefly at the SEC meeting today and is now on the radar of the SEC REST Working group
Erik Sundvall November 4, 2024 at 4:30 PM
Fixed it now @Joshua Grisham
Joshua Grisham November 4, 2024 at 3:38 PM
I added the example openEHR-TEMPLATE_ID also at the end but released that it should be with a dash there as the proposed example, but now do not have access to update it after this Jira was moved unfortunately. It should be openEHR-TEMPLATE-ID (dash instead of underscore) as the proposed example if someone would not mind to fix this 
Erik Sundvall November 4, 2024 at 3:13 PM
Unresolved
Details
Details
Reporter
Erik Åström
Erik ÅströmRaised By
Erik Åström
Components
Affects versions
Original estimate
Created November 4, 2024 at 8:53 AM
Updated 4 days ago
Summary:
Certain OpenEHR headers, such as
openEHR-TEMPLATE_IDandopenEHR-VERSION.lifecycle_state, use a naming convention that includes dots (.) and underscore in header names. This practice leads to compatibility issues with popular web servers, such as Nginx, and may interfere with other software that relies on strict header validation.Problem Description:
The OpenEHR specification currently uses headers that contain both dots and underscore in their names (e.g.,
openEHR-VERSION.lifecycle_state), which does not align with standard HTTP header naming conventions. This causes issues when using proxy servers or web servers that enforce strict header validation, such as Nginx. This is allowed in RFC7230 section 3.2.6 but not widely supported.Example from OpenEHR documentation:
openEHR-VERSION.lifecycle_state(Documentation reference: OpenEHR Headers Specification)
Another example:
openEHR-TEMPLATE_ID(Documentation reference: https://specifications.openehr.org/releases/ITS-REST/Release-1.0.3/overview.html#tag/Requests_and_responses/HTTP-headers/openEHR-TEMPLATE_ID )
Nginx Configuration Details:
Nginx requires specific configuration changes to support these headers because dots are not inherently valid characters in header names. Enabling support for these headers in Nginx requires:
ignore_invalid_headers off; underscores_in_headers on;Reference: Nginx Documentation
Impact:
The current header naming convention can cause:
Compatibility issues with software that does not support dots in header names.
Tested Software with issues:
Apache
nginx
Postman
Additional configuration requirements, may reduce portability and require more maintenance.
Suggested Solution:
To improve compatibility and reduce configuration complexity, we suggest adopting a naming convention that avoids using underscores and dots in HTTP header names. Using hyphens instead would ensure better compatibility across systems and prevent the need for custom configurations in proxy and web servers.
Example:
openEHR-TEMPLATE-IDopenEHR-VERSION-lifecycle-state