Hey there, let's dig into why that Authorization header isn't showing up in your GET request. I've run into this exact issue a few times with Angular's HttpClient, so here are the most common fixes and checks to try:

• Double-check your token and HttpHeaders immutability
  Angular's HttpHeaders are immutable, but your code looks okay for creating the header directly. The bigger red flag here is whether this.authService.getToken() is actually returning a valid value. Add a quick log right before the request to confirm:

  const token = this.authService.getToken();
  console.log('Current token:', token); // Make sure this isn't null/undefined
  return this.httpClient.get(this.parseUrl(controller), {
    headers: new HttpHeaders({'Authorization': 'bearer ' + token}),
    params: this.parseURLData(data)
  }).pipe(timeout(this.serverTimeout));
  

  If the token is empty, the header becomes bearer undefined—many browsers and servers will silently drop this instead of showing it in dev tools.

• Check your server's CORS configuration
  If this is a cross-origin request, browsers send an OPTIONS preflight check first. Your server needs to explicitly whitelist the Authorization header in its CORS settings. Make sure the server's response includes:

  Access-Control-Allow-Headers: Authorization, Content-Type
  

  If the server doesn't allow this header, the browser will block it from being sent in the actual GET request—even if your code is correct.

• Look for conflicting HTTP interceptors
  Do you have any global HttpInterceptor in your app? Sometimes auth interceptors or logging interceptors can accidentally overwrite or remove headers if their logic is off. Double-check any interceptors that modify request headers to ensure they're not clobbering your Authorization header.

• Fix the timeout operator syntax
  That .timeout() call looks like old AngularJS syntax. In modern Angular (RxJS 6+), timeout should be used as a pipeable operator:

  import { timeout } from 'rxjs/operators';
  
  // ...
  
  return this.httpClient.get(this.parseUrl(controller), {
    headers: new HttpHeaders({'Authorization': 'bearer ' + this.authService.getToken()}),
    params: this.parseURLData(data)
  }).pipe(timeout(this.serverTimeout));
  

  Using the old method could cause unexpected behavior with request configuration, including headers.

• Verify the request with a proxy tool
  Browser dev tools sometimes hide headers in their simplified view. Use a tool like Fiddler or Charles to capture the raw request and confirm whether the Authorization header is actually being sent. If it is, the issue might be on the server side not parsing it correctly.

内容的提问来源于stack exchange，提问作者dale