From f941a292f7211d2712d94983226662446b74f8bb Mon Sep 17 00:00:00 2001 From: Vitaly Takmazov Date: Thu, 4 Oct 2018 18:35:13 +0300 Subject: Add User-Agent header to http signature verification headers list --- juick-server/src/main/java/com/juick/server/api/activity/Profile.java | 2 ++ 1 file changed, 2 insertions(+) (limited to 'juick-server/src/main/java/com') diff --git a/juick-server/src/main/java/com/juick/server/api/activity/Profile.java b/juick-server/src/main/java/com/juick/server/api/activity/Profile.java index 76b82d79..a46db7fe 100644 --- a/juick-server/src/main/java/com/juick/server/api/activity/Profile.java +++ b/juick-server/src/main/java/com/juick/server/api/activity/Profile.java @@ -233,6 +233,7 @@ public class Profile { @RequestHeader(name = "Date") String date, @RequestHeader(name = "Digest") String digest, @RequestHeader(name = "Content-Type") String contentType, + @RequestHeader(name = "User-Agent") String userAgent, @RequestHeader(name = "Signature") String signature) { UriComponents componentsBuilder = ServletUriComponentsBuilder.fromCurrentRequestUri().build(); Map headers = new HashMap<>(); @@ -240,6 +241,7 @@ public class Profile { headers.put("date", date); headers.put("digest", digest); headers.put("content-type", contentType); + headers.put("user-agent", userAgent); boolean valid = signatureManager.verifySignature(signature, URI.create(activity.getActor()), "POST", componentsBuilder.getPath(), headers); if (valid) { -- cgit v1.2.3