aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs
diff options
context:
space:
mode:
authorMario Vavti <mario@mariovavti.com>2018-10-12 09:42:57 +0200
committerMario Vavti <mario@mariovavti.com>2018-10-12 09:42:57 +0200
commit81d9258e800e98012bcc68791976e5f12246750f (patch)
treec3b4c0b1420aaaa5a80cdca8521b6f52092b4b77 /Zotlabs
parentd21bf41b6cab23ac7a1aa89b948643a8e879d0c7 (diff)
parentc6bfd5e7befedf79ab6f7e70902e5fb2aa69fa6f (diff)
downloadvolse-hubzilla-81d9258e800e98012bcc68791976e5f12246750f.tar.gz
volse-hubzilla-81d9258e800e98012bcc68791976e5f12246750f.tar.bz2
volse-hubzilla-81d9258e800e98012bcc68791976e5f12246750f.zip
Merge remote-tracking branch 'mike/master' into dev
Diffstat (limited to 'Zotlabs')
-rw-r--r--Zotlabs/Web/HTTPSig.php6
1 files changed, 2 insertions, 4 deletions
diff --git a/Zotlabs/Web/HTTPSig.php b/Zotlabs/Web/HTTPSig.php
index ec7bb0d67..f27aa0556 100644
--- a/Zotlabs/Web/HTTPSig.php
+++ b/Zotlabs/Web/HTTPSig.php
@@ -52,6 +52,7 @@ class HTTPSig {
$h = new \Zotlabs\Web\HTTPHeaders($data['header']);
$headers = $h->fetcharr();
$body = $data['body'];
+ $headers['(request-target)'] = $data['request_target'];
}
else {
@@ -60,6 +61,7 @@ class HTTPSig {
strtolower($_SERVER['REQUEST_METHOD']) . ' ' .
$_SERVER['REQUEST_URI'];
$headers['content-type'] = $_SERVER['CONTENT_TYPE'];
+ $headers['content-length'] = $_SERVER['CONTENT_LENGTH'];
foreach($_SERVER as $k => $v) {
if(strpos($k,'HTTP_') === 0) {
@@ -104,10 +106,6 @@ class HTTPSig {
if(strpos($h,'.')) {
$spoofable = true;
}
- if($h === 'host' && (strpos(strtolower(\App::get_hostname()),strtolower($headers[$h])) === false)) {
- logger('bad host: ' . $sig_block['keyId'] . ' != ' . $headers[$h]);
- return $result;
- }
if($h === 'date') {
$d = new \DateTime($headers[$h]);
$d->setTimeZone(new \DateTimeZone('UTC'));