notfire/Iceshrimp.NET
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Properly handle host header in HttpSignature.GenerateSigningString

Browse source
This commit is contained in:
Laura Hausmann 2024-01-23 02:09:12 +01:00
parent c207d77d51
commit c7cf5d9389
No known key found for this signature in database
GPG key ID: D044E84C5BE01605
1 changed files with 4 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
Iceshrimp.Backend/Core/Federation/Cryptography/HttpSignature.cs
View file

@ -51,6 +51,8 @@ public static class HttpSignature {
ArgumentNullException.ThrowIfNull(request.RequestUri);
request.Headers.Date = DateTime.Now;
request.Headers.Host = request.RequestUri.Host;
var requiredHeadersEnum = requiredHeaders.ToList();
var signingString = GenerateSigningString(requiredHeadersEnum, request.Method.Method,
request.RequestUri.AbsolutePath,
@ -70,7 +72,7 @@ public static class HttpSignature {
}
private static string GenerateSigningString(IEnumerable<string> headers, string requestMethod, string requestPath,
IHeaderDictionary requestHeaders) {
IHeaderDictionary requestHeaders, string? host = null) {
var sb = new StringBuilder();
//TODO: handle additional params, see https://github.com/Chocobozzz/node-http-signature/blob/master/lib/parser.js#L294-L310
@ -78,6 +80,7 @@ public static class HttpSignature {
sb.Append($"{header}: ");
sb.AppendLine(header switch {
"(request-target)" => $"{requestMethod.ToLowerInvariant()} {requestPath}",
"host" => $"{host ?? requestHeaders[header]}",
_ => requestHeaders[header]
});
}