From b413beeb365ea09ac79f57e68dbb6ac49b5ea056 Mon Sep 17 00:00:00 2001
From: zotlabs <mike@macgirvin.com>
Date: Thu, 31 Aug 2017 20:45:13 -0700
Subject: add server-to-server magic auth to dav and cdav controllers

---
 include/api_auth.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'include/api_auth.php')

diff --git a/include/api_auth.php b/include/api_auth.php
index 4b1aae642..01a4599aa 100644
--- a/include/api_auth.php
+++ b/include/api_auth.php
@@ -50,7 +50,7 @@ function api_login(&$a){
 
 		/* Signature authentication */
 
-		if(array_key_exists($head,$_SERVER) && substr(trim($_SERVER[$head]),0,5) === 'Signature') {
+		if(array_key_exists($head,$_SERVER) && substr(trim($_SERVER[$head]),0,9) === 'Signature') {
 			$sigblock = \Zotlabs\Web\HTTPSig::parse_sigheader($_SERVER[$head]);
 			if($sigblock) {
 				$keyId = $sigblock['keyId'];
-- 
cgit v1.2.3