Notification webhook sends blank header key/value with a colon

[calderonth]

Current Behavior

Notifications webhook sends invalid HTTP header when fields are empty.
Here is the raw HTTP payload being received by netcat:

nc -l -p 9090
POST / HTTP/1.1
content-type: application/json
accept: application/json
:
Content-Length: 51558
Host: myhost:9090
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.5.14 (Java/21.0.5)
Accept-Encoding: gzip,deflate

{
  "notification": {
    "level": "INFORMATIONAL",
    "scope": "PORTFOLIO",
    "group": "BOM_CONSUMED",
    "timestamp": "2024-10-31T11:14:17.975933948",
    "title": "Bill of Materials Consumed",
    "content": "A CycloneDX BOM was consumed and will be processed",
    "subject":

We can see above that below the accept: application/json header a blank header key and value are being sent which is invalid.

Steps to Reproduce

1. Create a notification to to host myhost:9090
2. Listen on the given host: nc -l -p 9090
3. Observe the following header value being sent: : which is the blank fields for API token header and API token in the UI:

Expected Behavior

If the API key/secret fields are empty, no blank header key/value with a colon should be sent.

Dependency-Track Version

4.13.0-SNAPSHOT

Dependency-Track Distribution

Container Image

Database Server

H2

Database Server Version

No response

Browser

Google Chrome

Checklist

• I have read and understand the contributing guidelines
• I have checked the existing issues for whether this defect was already reported