From 03624f898d9fa872b9bcb95fff7c92ff0390d6e6 Mon Sep 17 00:00:00 2001
From: Aaron Knudtson <aaron.knudtson@outlook.com>
Date: Mon, 28 Apr 2025 10:51:12 +0200
Subject: [PATCH] fix: remove authorization header from frontend

---
 packages/api/src/routers/api/clickhouseProxy.ts | 5 +++++
 packages/common-utils/src/clickhouse.ts         | 2 ++
 2 files changed, 7 insertions(+)

diff --git a/packages/api/src/routers/api/clickhouseProxy.ts b/packages/api/src/routers/api/clickhouseProxy.ts
index 3fc718133..165c3e787 100644
--- a/packages/api/src/routers/api/clickhouseProxy.ts
+++ b/packages/api/src/routers/api/clickhouseProxy.ts
@@ -69,6 +69,11 @@ const getConnection: RequestHandler =
   // prettier-ignore-next-line
   async (req, res, next) => {
     try {
+      if (req.headers['authorization'] === 'Basic Og==') {
+        // this means username & password === 0, which indicates we must be
+        // doing some other authorization mechanism (probably connection_id)
+        delete req.headers['authorization'];
+      }
       const { teamId } = getNonNullUserWithTeam(req);
       const connection_id = req.headers['x-hyperdx-connection-id']!; // ! because zod already validated
       delete req.headers['x-hyperdx-connection-id'];
diff --git a/packages/common-utils/src/clickhouse.ts b/packages/common-utils/src/clickhouse.ts
index c3eca6026..d9172372b 100644
--- a/packages/common-utils/src/clickhouse.ts
+++ b/packages/common-utils/src/clickhouse.ts
@@ -455,6 +455,8 @@ export class ClickhouseClient {
             wait_end_of_query: 0,
             cancel_http_readonly_queries_on_client_close: 1,
           },
+          username: '',
+          password: '',
           compression: {
             response: true,
           },