diff options
author | Mario Vavti <mario@mariovavti.com> | 2018-10-12 09:42:57 +0200 |
---|---|---|
committer | Mario Vavti <mario@mariovavti.com> | 2018-10-12 09:42:57 +0200 |
commit | 81d9258e800e98012bcc68791976e5f12246750f (patch) | |
tree | c3b4c0b1420aaaa5a80cdca8521b6f52092b4b77 /Zotlabs/Web/HTTPSig.php | |
parent | d21bf41b6cab23ac7a1aa89b948643a8e879d0c7 (diff) | |
parent | c6bfd5e7befedf79ab6f7e70902e5fb2aa69fa6f (diff) | |
download | volse-hubzilla-81d9258e800e98012bcc68791976e5f12246750f.tar.gz volse-hubzilla-81d9258e800e98012bcc68791976e5f12246750f.tar.bz2 volse-hubzilla-81d9258e800e98012bcc68791976e5f12246750f.zip |
Merge remote-tracking branch 'mike/master' into dev
Diffstat (limited to 'Zotlabs/Web/HTTPSig.php')
-rw-r--r-- | Zotlabs/Web/HTTPSig.php | 6 |
1 files changed, 2 insertions, 4 deletions
diff --git a/Zotlabs/Web/HTTPSig.php b/Zotlabs/Web/HTTPSig.php index ec7bb0d67..f27aa0556 100644 --- a/Zotlabs/Web/HTTPSig.php +++ b/Zotlabs/Web/HTTPSig.php @@ -52,6 +52,7 @@ class HTTPSig { $h = new \Zotlabs\Web\HTTPHeaders($data['header']); $headers = $h->fetcharr(); $body = $data['body']; + $headers['(request-target)'] = $data['request_target']; } else { @@ -60,6 +61,7 @@ class HTTPSig { strtolower($_SERVER['REQUEST_METHOD']) . ' ' . $_SERVER['REQUEST_URI']; $headers['content-type'] = $_SERVER['CONTENT_TYPE']; + $headers['content-length'] = $_SERVER['CONTENT_LENGTH']; foreach($_SERVER as $k => $v) { if(strpos($k,'HTTP_') === 0) { @@ -104,10 +106,6 @@ class HTTPSig { if(strpos($h,'.')) { $spoofable = true; } - if($h === 'host' && (strpos(strtolower(\App::get_hostname()),strtolower($headers[$h])) === false)) { - logger('bad host: ' . $sig_block['keyId'] . ' != ' . $headers[$h]); - return $result; - } if($h === 'date') { $d = new \DateTime($headers[$h]); $d->setTimeZone(new \DateTimeZone('UTC')); |