Please tell me if this is a feature of ORDS. I'm struggling to find this documented anywhere.
We have a custom PL/SQL package that provides a webservice after validating the AUTHORIZATION header. Apparently on ORDS we no longer need to use PlsqlCGIEnvironmentList to allow headers through to PL/SQL, so I've not specifically configured anything, but I can't see the AUTHORIZATION header via owa_util.get_cgi_env('HTTP_AUTHORIZATION');
I can see other custom headers such as x-forwarded-for which is set by the proxy.