Streams/streams
Streams/streams
1
0
Fork 0
mirror of https://codeberg.org/streams/streams.git synced 2024-09-20 02:35:12 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

signature validation issue with posted data

Browse source
This commit is contained in:
zotlabs 2020-02-06 21:43:39 -08:00
parent 8ed915918c
commit 920f9ea507
2 changed files with 6 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
Zotlabs/Module/Item.php
View file

@ -176,8 +176,7 @@ class Item extends Controller {
// process an authenticated fetch
$sigdata = HTTPSig::verify(EMPTY_STR);
$sigdata = HTTPSig::verify(($_SERVER['REQUEST_METHOD'] === 'POST') ? file_get_contents('php://input') : EMPTY_STR);
if ($sigdata['portable_id'] && $sigdata['header_valid']) {
$portable_id = $sigdata['portable_id'];
if (! check_channelallowed($portable_id)) {

5
Zotlabs/Web/HTTPSig.php
View file

@ -220,6 +220,11 @@ class HTTPSig {
}
logger('Content_Valid: ' . (($result['content_valid']) ? 'true' : 'false'));
if (! $result['content_valid']) {
logger('invalid content signature: data ' . print_r($data,true));
logger('invalid content signature: headers ' . print_r($headers,true));
logger('invalid content signature: body ' . print_r($body,true));
}
}
return $result;