diff options
author | redmatrix <git@macgirvin.com> | 2016-05-22 22:44:13 -0700 |
---|---|---|
committer | redmatrix <git@macgirvin.com> | 2016-05-22 22:44:13 -0700 |
commit | bbc71343bdfc724425927ebab404b035c65f569c (patch) | |
tree | ee3c193ee84025ef37705a11179c3e986ba6c617 /include/zot.php | |
parent | a1aa3d906159e4ad563779e5f220dddbfbd744c4 (diff) | |
download | volse-hubzilla-bbc71343bdfc724425927ebab404b035c65f569c.tar.gz volse-hubzilla-bbc71343bdfc724425927ebab404b035c65f569c.tar.bz2 volse-hubzilla-bbc71343bdfc724425927ebab404b035c65f569c.zip |
change the signed token format. We don't folks to be able to submit random text for signing by us, as they could then use these to generate known signatures.
Diffstat (limited to 'include/zot.php')
-rw-r--r-- | include/zot.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/include/zot.php b/include/zot.php index 4b780db2a..8ba03ff5c 100644 --- a/include/zot.php +++ b/include/zot.php @@ -3818,7 +3818,7 @@ function zotinfo($arr) { // Communication details if($token) - $ret['signed_token'] = base64url_encode(rsa_sign($token,$e['channel_prvkey'])); + $ret['signed_token'] = base64url_encode(rsa_sign('token.' . $token,$e['channel_prvkey'])); $ret['guid'] = $e['xchan_guid']; |