yetangitu/funkwhale
1
0
Fork 0
mirror of https://code.eliotberriot.com/funkwhale/funkwhale.git synced 2025-10-05 22:28:26 +02:00
Code Issues Releases Wiki Activity

Fix #328: Validate Date header in HTTP Signatures

Browse source
This commit is contained in:
Eliot Berriot 2018-06-24 19:17:56 +02:00
parent 2a7333df6f
commit 9017acdb39
No known key found for this signature in database
GPG key ID: DD6965E2476E5C27
4 changed files with 58 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

3
api/funkwhale_api/federation/factories.py
View file

@ -5,6 +5,7 @@ import requests
import requests_http_signature
from django.conf import settings
from django.utils import timezone
from django.utils.http import http_date
from funkwhale_api.factories import registry
@ -39,7 +40,7 @@ class SignedRequestFactory(factory.Factory):
default_headers = {
"User-Agent": "Test",
"Host": "test.host",
"Date": "Right now",
"Date": http_date(timezone.now().timestamp()),
"Content-Type": "application/activity+json",
}
if extracted: