diff options
| author | Mark Felder <feld@feld.me> | 2024-07-25 12:54:27 -0400 |
|---|---|---|
| committer | Mark Felder <feld@feld.me> | 2024-07-25 12:54:27 -0400 |
| commit | 1b9c887dbb8d87814f8d9cc11cfcbc8802348b22 (patch) | |
| tree | efa0b5f4557b64f73e8da70bfaa3a234f269581c /config | |
| parent | 1a482a73c3b99f7fdc512b734dd746e9f9cd396d (diff) | |
| download | pleroma-1b9c887dbb8d87814f8d9cc11cfcbc8802348b22.tar.gz pleroma-1b9c887dbb8d87814f8d9cc11cfcbc8802348b22.zip | |
Extract validate_signature/2 from the HTTPSignaturePlug
This logic only exists in the Plug, so attempting to validate the signature by calling the library function HTTPSignature.validate_conn/2 directly will never work because we do not attempt to construct the (request-target) and @request-target headers with both the commonly misinterpreted and correct implementation of this field. Therefore all attempts to validate a signature from an Oban Job will fail.
Diffstat (limited to 'config')
| -rw-r--r-- | config/test.exs | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/config/test.exs b/config/test.exs index 5d9541f43..8a5694054 100644 --- a/config/test.exs +++ b/config/test.exs @@ -158,8 +158,7 @@ config :pleroma, Pleroma.Uploaders.IPFS, config_impl: Pleroma.UnstubbedConfigMoc config :pleroma, Pleroma.Web.Plugs.HTTPSecurityPlug, config_impl: Pleroma.StaticStubbedConfigMock config :pleroma, Pleroma.Web.Plugs.HTTPSignaturePlug, config_impl: Pleroma.StaticStubbedConfigMock -config :pleroma, Pleroma.Web.Plugs.HTTPSignaturePlug, - http_signatures_impl: Pleroma.StubbedHTTPSignaturesMock +config :pleroma, Pleroma.Signature, http_signatures_impl: Pleroma.StubbedHTTPSignaturesMock peer_module = if String.to_integer(System.otp_release()) >= 25 do |