SECURITY: signature issue

author: zotlabs <mike@macgirvin.com> 2018-10-09 22:37:53 -0700
committer: zotlabs <mike@macgirvin.com> 2018-10-09 22:37:53 -0700
commit: c6f3298f7864756f4a9b7827e8490a3ee859f82f (patch)
tree: 6e59110dee7e48040421e3c4ac5b08688c13ad04 /Zotlabs/Module/Owa.php
parent: 2cb52f88755aac62f208463e4754153bbf249c67 (diff)
download: volse-hubzilla-c6f3298f7864756f4a9b7827e8490a3ee859f82f.tar.gz
volse-hubzilla-c6f3298f7864756f4a9b7827e8490a3ee859f82f.tar.bz2
volse-hubzilla-c6f3298f7864756f4a9b7827e8490a3ee859f82f.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/Zotlabs/Module/Owa.php b/Zotlabs/Module/Owa.php
index da26748b3..4a488086f 100644
--- a/Zotlabs/Module/Owa.php
+++ b/Zotlabs/Module/Owa.php
@@ -45,7 +45,7 @@ class Owa extends \Zotlabs\Web\Controller {
 						}
 						if($r) {
 							foreach($r as $hubloc) {
-								$verified = \Zotlabs\Web\HTTPSig::verify('',$hubloc['xchan_pubkey']);	
+								$verified = \Zotlabs\Web\HTTPSig::verify(file_get_contents('php://input'),$hubloc['xchan_pubkey']);	
 								if($verified && $verified['header_signed'] && $verified['header_valid']) {
 									logger('OWA header: ' . print_r($verified,true),LOGGER_DATA);	
 									logger('OWA success: ' . $hubloc['hubloc_addr'],LOGGER_DATA);
author	zotlabs <mike@macgirvin.com>	2018-10-09 22:37:53 -0700
committer	zotlabs <mike@macgirvin.com>	2018-10-09 22:37:53 -0700
commit	c6f3298f7864756f4a9b7827e8490a3ee859f82f (patch)
tree	6e59110dee7e48040421e3c4ac5b08688c13ad04 /Zotlabs/Module/Owa.php
parent	2cb52f88755aac62f208463e4754153bbf249c67 (diff)
download	volse-hubzilla-c6f3298f7864756f4a9b7827e8490a3ee859f82f.tar.gz volse-hubzilla-c6f3298f7864756f4a9b7827e8490a3ee859f82f.tar.bz2 volse-hubzilla-c6f3298f7864756f4a9b7827e8490a3ee859f82f.zip