From 1fc55f43cb2065f45a006e4ef6dd2dfc57ec4d00 Mon Sep 17 00:00:00 2001 From: Julio Capote Date: Thu, 5 Jan 2023 11:33:43 -0500 Subject: digest required --- registry/registry.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/registry/registry.go b/registry/registry.go index a2be06e..475464f 100644 --- a/registry/registry.go +++ b/registry/registry.go @@ -276,7 +276,7 @@ func (r *Registry) deliverAcceptToInbox(url, actorUrl *url.URL, follow vocab.Act prefs := []httpsig.Algorithm{httpsig.RSA_SHA256} digestAlgorithm := httpsig.DigestSha256 // The "Date" and "Digest" headers must already be set on r, as well as r.URL. - headersToSign := []string{httpsig.RequestTarget, "host", "date", "content-type"} + headersToSign := []string{httpsig.RequestTarget, "host", "date", "digest", "content-type"} signer, _, err := httpsig.NewSigner(prefs, digestAlgorithm, headersToSign, httpsig.Signature, 0) if err != nil { return err @@ -285,7 +285,7 @@ func (r *Registry) deliverAcceptToInbox(url, actorUrl *url.URL, follow vocab.Act // ...but it is optional, no digest will be signed if given "nil" // body := nil // If r were a http.ResponseWriter, call SignResponse instead. - err = signer.SignRequest(privKey, actorUrl.String(), request, nil) + err = signer.SignRequest(privKey, actorUrl.String(), request, jsonData) r.mu.Unlock() r.log.With( -- cgit v1.2.3