From 410acafa64a2240297392b70a3b3bffe21346516 Mon Sep 17 00:00:00 2001
From: William <william@aresgames.com.hk>
Date: Mon, 10 Jun 2019 19:04:09 +0800
Subject: [PATCH] Add a whitelist in options for header parameters that do not
 begin with oauth_

---
 oauth-1.0a.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/oauth-1.0a.js b/oauth-1.0a.js
index 5c15dd4..a348478 100644
--- a/oauth-1.0a.js
+++ b/oauth-1.0a.js
@@ -24,6 +24,7 @@ function OAuth(opts) {
     this.version             = opts.version || '1.0';
     this.parameter_seperator = opts.parameter_seperator || ', ';
     this.realm               = opts.realm;
+    this.headerWhitelist     = opts.headerWhitelist || [];
 
     if(typeof opts.last_ampersand === 'undefined') {
         this.last_ampersand = true;
@@ -301,7 +302,7 @@ OAuth.prototype.toHeader = function(oauth_data) {
     }
 
     for(var i = 0; i < sorted.length; i++) {
-        if (sorted[i].key.indexOf('oauth_') !== 0)
+        if (sorted[i].key.indexOf('oauth_') !== 0 && !this.headerWhitelist.includes(sorted[i].key))
             continue;
 
         header_value += this.percentEncode(sorted[i].key) + '="' + this.percentEncode(sorted[i].value) + '"' + this.parameter_seperator;