diff --git a/sources/httpUtils.ts b/sources/httpUtils.ts
index 2095a333b..6c2dc9040 100644
--- a/sources/httpUtils.ts
+++ b/sources/httpUtils.ts
@@ -17,8 +17,8 @@ async function fetch(input: string | URL, init?: RequestInit) {
 
   let headers = init?.headers;
 
-  const username: string | undefined = input.username ?? process.env.COREPACK_NPM_USERNAME;
-  const password: string | undefined = input.password ?? process.env.COREPACK_NPM_PASSWORD;
+  const username: string | undefined = input.username || process.env.COREPACK_NPM_USERNAME;
+  const password: string | undefined = input.password || process.env.COREPACK_NPM_PASSWORD;
 
   if (username || password) {
     headers =  {
diff --git a/tests/_registryServer.mjs b/tests/_registryServer.mjs
index ff0be263f..d051b0a66 100644
--- a/tests/_registryServer.mjs
+++ b/tests/_registryServer.mjs
@@ -116,8 +116,10 @@ const server = createServer((req, res) => {
   const auth = req.headers.authorization;
 
   if (
-    (auth?.startsWith(`Bearer `) && auth.slice(`Bearer `.length) !== TOKEN_MOCK) ||
-    (auth?.startsWith(`Basic `) && Buffer.from(auth.slice(`Basic `.length), `base64`).toString() !== `user:pass`)
+    auth == null ||
+    (auth.startsWith(`Bearer `) && auth.slice(`Bearer `.length) !== TOKEN_MOCK) ||
+    (auth.startsWith(`Basic `) && Buffer.from(auth.slice(`Basic `.length), `base64`).toString() !== `user:pass`) ||
+    !/^(Basic|Bearer) /.test(auth)
   ) {
     res.writeHead(401).end(`Unauthorized`);
     return;