X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Fhelpers%2Frequests.js;h=42786411725ce8980bd3d017497567eb1f10ccb9;hb=f282639b07deee1e35403bd86c46ea521fb4845e;hp=95775c981c1a5545d0e82bd45bc4bb48b88770f0;hpb=c4403b29ad4db097af528a7f04eea07e0ed320d0;p=github%2FChocobozzz%2FPeerTube.git

diff --git a/server/helpers/requests.js b/server/helpers/requests.js
index 95775c981..427864117 100644
--- a/server/helpers/requests.js
+++ b/server/helpers/requests.js
@@ -25,45 +25,42 @@ function makeRetryRequest (params, callback) {
 
 function makeSecureRequest (params, callback) {
   const requestParams = {
-    url: params.toPod.url + params.path
+    url: constants.REMOTE_SCHEME.HTTP + '://' + params.toPod.host + params.path
   }
 
-  // Add data with POST requst ?
-  if (params.method === 'POST') {
-    requestParams.json = {}
-
-    // Add signature if it is specified in the params
-    if (params.sign === true) {
-      requestParams.json.signature = {
-        url: constants.CONFIG.WEBSERVER.URL,
-        signature: peertubeCrypto.sign(constants.CONFIG.WEBSERVER.URL)
-      }
-    }
+  if (params.method !== 'POST') {
+    return callback(new Error('Cannot make a secure request with a non POST method.'))
+  }
 
-    // If there are data informations
-    if (params.data) {
-      // Encrypt data
-      if (params.encrypt === true) {
-        peertubeCrypto.encrypt(params.toPod.publicKey, JSON.stringify(params.data), function (err, encrypted) {
-          if (err) return callback(err)
+  requestParams.json = {}
 
-          requestParams.json.data = encrypted.data
-          requestParams.json.key = encrypted.key
+  // Add signature if it is specified in the params
+  if (params.sign === true) {
+    const host = constants.CONFIG.WEBSERVER.HOST
 
-          request.post(requestParams, callback)
-        })
-      } else {
-        // No encryption
-        requestParams.json.data = params.data
-        request.post(requestParams, callback)
-      }
+    let dataToSign
+    if (params.data) {
+      dataToSign = dataToSign = params.data
     } else {
-      // No data
-      request.post(requestParams, callback)
+      // We do not have data to sign so we just take our host
+      // It is not ideal but the connection should be in HTTPS
+      dataToSign = host
     }
-  } else {
-    request.get(requestParams, callback)
+
+    requestParams.json.signature = {
+      host, // Which host we pretend to be
+      signature: peertubeCrypto.sign(dataToSign)
+    }
+  }
+
+  // If there are data informations
+  if (params.data) {
+    requestParams.json.data = params.data
   }
+
+  console.log(requestParams.json.data)
+
+  request.post(requestParams, callback)
 }
 
 // ---------------------------------------------------------------------------