Add Toggle to Enable/Disable Automatic Encoding for Basic Auth Headers #6304
Description
I have checked the following:
- I've searched existing issues and found nothing related to my issue.
This feature
- blocks me from using Bruno
- would improve my quality of life in Bruno
- is something I've never seen an API client do before
Describe the feature you want to add, and how it would change your usage of Bruno
Add a user-configurable toggle that allows enabling or disabling automatic encoding (URL / credential encoding) when constructing Basic Auth headers. This gives users control over whether credentials are encoded, preventing failures in cases where pre-encoding breaks authentication.
Problem
Bruno currently applies encodeURIComponent() before Base64-encoding OAuth credentials.
This causes issues when client secrets contain characters such as #, &, =, +, etc., resulting in incorrect credentials sent to servers.
Example from user reports:
- Some servers require raw (unencoded) credentials
- Others expect URL-encoded credentials (RFC-compliant behavior)
Proposed Solution
Introduce a toggle near the “credentials placement” option that controls whether encoding is applied.
Behavior
- Toggle ON (default):
Bruno URL-encodes values and applies encoding before Base64 / header creation. - Toggle OFF:
Bruno sends credentials exactly as the user provides them — noencodeURIComponent(), no automatic encoding.
Mockups or Images of the feature
No response