dirk
/
honk
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

if the digest is in the httpsig, we should also verify it matches content

This commit is contained in:
Ted Unangst 2019-05-21 15:44:58 -04:00
parent f55e212238
commit f14b8d8e6e
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
zig.go
View File

@ -139,6 +139,12 @@ func zag(req *http.Request, content []byte) (string, error) {
if s != serverName { if s != serverName {
log.Printf("caution: servername host header mismatch") log.Printf("caution: servername host header mismatch")
} }
case "digest":
s = req.Header.Get(h)
expv := "SHA-256=" + sb64sha256(content)
if s != expv {
return "", fmt.Errorf("digest header '%s' did not match content", s)
}
default: default:
s = req.Header.Get(h) s = req.Header.Get(h)
} }