[BUG] Header type parameter placed in Cookie incorrectly

[rbeede]

Prerequisites

• Thoroughly read the README file.
• Checked the project requirements and ensured they are met.
• Searched for existing issues that may address the problem.
• Performed basic troubleshooting steps.

Description

A parameter defined in the OpenAPI 3.0.1 json that should be an HTTP header is instead being treated as a Cookie value.

Steps to Reproduce

Create an openapi 3.0.1 json with this following "paths" included:

   "/myapifunction": {
      "get": {
        "tags": [
          "Picture"
        ],
        "parameters": [
          {
            "name": "pictureCode",
            "in": "header",
            "schema": {
              "type": "string"
            }
          }
        ],
        "responses": {
          "200": {
            "description": "Success"
          }
        }
      }
    },

Load the json in the Burp OpenAPI Parser tab

Observe that the raw request used Cookie: pictureCode instead of a separate HTTP header named pictureCode.

Expected Behavior

The HTTP request generated should have created a separate HTTP header instead of using a Cookie.

Screenshots

No response

Environment

• OS: Linux (Ubuntu)
• Java version: built-in private JRE bundled with Burp
• Burp Suite version: Pro 2024.10.3
• OpenAPI Specification version: 3.0.1

Error Message

No response

Additional Context

No response