Rules Hub
Coding Rules Library
← Back to all rules
Rule priority, scope & exceptions
Use this to align rules with the senior-level structure (P0/P1/P2, scope, exceptions/tradeoffs).
backend ruleP2universalStack: node
httpauthheadersapi
Pass auth tokens via a custom header, not a cookie, when there is no reason to use a cookie
Send service tokens through a dedicated request header rather than overloading the cookie header without a specific reason.
PR: hegnar-forum-web · org-mining-hist-2026-06Created: Jun 20, 2026
Bad example
Old codetypescript
| 1 | fetch(url, { headers: { Cookie: `pinpoint=${token}` } }); |
Explanation (EN)
Objašnjenje (HR)
Good example
New codetypescript
| 1 | fetch(url, { headers: { 'x-pinpoint-token': token } }); |
Explanation (EN)
Objašnjenje (HR)