Describe the issue
When making outbound HTTP calls from AL using HttpClient on BC SaaS (platform 27.5.46862.46929), the platform automatically injects a baggage request header with a value that violates the [W3C Baggage specification](. This header cannot be removed or overridden from AL code.
APIs with strict header validation (e.g. services behind gRPC-transcoding gateways like Envoy) reject the request with HTTP 400 because the baggage value contains characters that are invalid in metadata keys.
Expected behavior
Either:
(a) The platform should emit a spec-compliant baggage value (valid token as key, properly encoded value), or
(b) The platform should provide an API to suppress/disable distributed tracing headers on outbound calls (similar to UseServerCertificateValidation(false)), or
(c) The platform should not inject baggage on outbound calls from extensions at all.
Steps to reproduce
Create a minimal AL codeunit in any AppSource or PTE extension on BC SaaS (v27.5+):
codeunit 50000 "Baggage Header Repro"
{
trigger OnRun()
var
Client: HttpClient;
Response: HttpResponseMessage;
Headers: HttpHeaders;
Request: HttpRequestMessage;
Body: Text;
Key: Text;
Values: List of [Text];
begin
Request.SetRequestUri('https://httpbin.org/headers');
Request.Method('GET');
Request.GetHeaders(Headers);
Headers.Add('Accept', 'application/json');
Client.Send(Request, Response);
Response.Content.ReadAs(Body);
// Body contains all headers as seen by the server
Message(Body);
end;
}
Publish the extension to any BC SaaS sandbox environment (ensure "Allow HttpClient Requests" is enabled in Extension Settings).
Run the codeunit (e.g. via a page action or Codeunit.Run(50000)).
Observe the response from httpbin.org — it echoes back all received headers. You will see:
{
"headers": {
"Baggage": "traceStartInfo+=+%5BGatewayServicesType%5D+CONNECT+https%3A%2F%2F...",
"Traceparent": "00-...",
"X-From-Al": "true",
"X-Forwarded-For": "..."
}
}
Additional context
Platform version: 27.5.46862.46929 (BC SaaS, West Europe region)
Runtime version: 16.0
I will provide a fix for a bug
Describe the issue
When making outbound HTTP calls from AL using HttpClient on BC SaaS (platform 27.5.46862.46929), the platform automatically injects a baggage request header with a value that violates the [W3C Baggage specification](. This header cannot be removed or overridden from AL code.
APIs with strict header validation (e.g. services behind gRPC-transcoding gateways like Envoy) reject the request with HTTP 400 because the baggage value contains characters that are invalid in metadata keys.
Expected behavior
Either:
(a) The platform should emit a spec-compliant baggage value (valid token as key, properly encoded value), or
(b) The platform should provide an API to suppress/disable distributed tracing headers on outbound calls (similar to UseServerCertificateValidation(false)), or
(c) The platform should not inject baggage on outbound calls from extensions at all.
Steps to reproduce
Create a minimal AL codeunit in any AppSource or PTE extension on BC SaaS (v27.5+):
codeunit 50000 "Baggage Header Repro"
{
trigger OnRun()
var
Client: HttpClient;
Response: HttpResponseMessage;
Headers: HttpHeaders;
Request: HttpRequestMessage;
Body: Text;
Key: Text;
Values: List of [Text];
begin
Request.SetRequestUri('https://httpbin.org/headers');
Request.Method('GET');
Request.GetHeaders(Headers);
Headers.Add('Accept', 'application/json');
}
Publish the extension to any BC SaaS sandbox environment (ensure "Allow HttpClient Requests" is enabled in Extension Settings).
Run the codeunit (e.g. via a page action or Codeunit.Run(50000)).
Observe the response from httpbin.org — it echoes back all received headers. You will see:
{
"headers": {
"Baggage": "traceStartInfo+=+%5BGatewayServicesType%5D+CONNECT+https%3A%2F%2F...",
"Traceparent": "00-...",
"X-From-Al": "true",
"X-Forwarded-For": "..."
}
}
Additional context
Platform version: 27.5.46862.46929 (BC SaaS, West Europe region)
Runtime version: 16.0
I will provide a fix for a bug