Add two-step HTTPS form with headers support #8780
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Enable HTTP headers configuration on the HTTPS connector through a two-step form: - Step 1 (connector): Headers textarea to specify custom HTTP headers - Step 2 (source): URI and model name for the data source Updates: - Extended isMultiStepConnector() to detect schemas with both connector and source steps, enabling multi-step flow for HTTPS - Added formatHeadersAsYamlMap() to parse textarea headers into YAML map format (Header: value per line) - Updated HTTPS schema with headers field on connector step, URI and model name on source step - Fixed AddDataModal to recognize multi-step HTTPS connector and use connector form type - Made headers a required field for validation
Contributor
Not seeing the following format in preview
and the text area is acting weird, especially if copy/paste
wasnt able to test what it would look like from modal but should be |
- Replace contenteditable div with native <textarea> for proper copy/paste support and input event handling - Update YAML preview to use 4-space indentation, quoted header keys, and inline description comment - Widen event handler types from HTMLDivElement to HTMLElement Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
When users paste headers with existing quotes like "Authorization": "Bearer token", they were getting double-quoted in the preview. Now we strip leading/trailing quotes before wrapping them in the YAML output.
Contributor
Author
Addressed |
Contributor
Test and Connect took a few seconds, are we actually testing anything for this connector type?
|
Replace the textarea-based HTTP headers input with a dynamic key-value pair component. Users can now add/remove headers individually instead of typing raw "Header-Name: value" text.
- New KeyValueInput.svelte component with add/remove rows and duplicate detection
- Add "key-value" to x-display type union for form schema system
- Wire KeyValueInput through SchemaField.svelte renderer
- Update formatHeadersAsYamlMap to accept array of {key, value} objects
- Initialize key-value form fields to empty arrays
- Add wildcard support to schema button labels
- Change HTTPS connector button from "Test and Connect" to "Continue" (Ping is a no-op)
- Headers field is now optional in HTTPS schema
Contributor
Author
|
Latest demo:
CleanShot.2026-02-06.at.10.40.04.mp4 |
Contributor
|
love the new layout, Tokens generally should be hidden in the .env and not in raw text, anyway to make the string after Bearer become '{{ .env.connector.https/token}}' @lovincyrus |
Header values (e.g., Bearer tokens) are now stored in .env and
referenced via {{ .env.connector.https.<key> }} in the connector YAML,
preventing secrets from being exposed in configuration files.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Contributor
Author
|
Header values are now stored in For example, entering Connector YAML: headers:
"Authorization": "{{ .env.connector.https.authorization }}".env: |
Non-sensitive headers (e.g., Content-Type, Accept) remain as plain text in the connector YAML. Only headers matching known sensitive patterns (Authorization, API keys, tokens) are stored in .env. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The CI Svelte parser does not support Tailwind modifier syntax (e.g. hover:text-fg-primary) inside @apply directives. Use standard CSS :hover pseudo-selectors instead. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Contributor
Author
|
Latest 
|
Contributor
|
Idk if its possible but can we separate Bearer and token? |
Contributor
Author
We shouldn't do that. Headers should be a key value pair. |
Contributor
|
Separate it meaning For HTTPS auth, the wire format is:
Bearer is protocol syntax, not part of the token itself.
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR adds headers support to the HTTPS connector by turning it into a two-step form. Step 1 collects HTTP headers (e.g., Authorization: Bearer ), and step 2 collects the URI and model name. Headers entered in the connector form are written to the connector YAML as a map, which the existing create_secrets_from_connectors bridge translates into DuckDB EXTRA_HTTP_HEADERS secrets at query time — no backend changes required.
Checklist: