server: avoid overwriting Authorization header (ggml-org#10878)

* server: avoid overwriting Authorization header

If no API key is set, leave the Authorization header as is. It may be
used by another part of the Web stack, such as an authenticating proxy.

Fixes ggml-org#10854

* rebuild

---------

Co-authored-by: Xuan Son Nguyen <[email protected]>

Author: 2 people

examples/server/public/index.html.gz

@@ -445,7 +445,7 @@ const mainApp = createApp({
           method: 'POST',
           headers: {
             'Content-Type': 'application/json',
-            'Authorization': this.config.apiKey ? `Bearer ${this.config.apiKey}` : undefined,
+            ...(this.config.apiKey ? {'Authorization': `Bearer ${this.config.apiKey}`} : {})
           },
           body: JSON.stringify(params),
           signal: abortController.signal,