diff options
Diffstat (limited to 'server/middlewares')
-rw-r--r-- | server/middlewares/activitypub.ts | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/server/middlewares/activitypub.ts b/server/middlewares/activitypub.ts index 580606a68..d00594059 100644 --- a/server/middlewares/activitypub.ts +++ b/server/middlewares/activitypub.ts | |||
@@ -63,7 +63,16 @@ async function checkHttpSignature (req: Request, res: Response) { | |||
63 | const sig = req.headers[HTTP_SIGNATURE.HEADER_NAME] as string | 63 | const sig = req.headers[HTTP_SIGNATURE.HEADER_NAME] as string |
64 | if (sig && sig.startsWith('Signature ') === true) req.headers[HTTP_SIGNATURE.HEADER_NAME] = sig.replace(/^Signature /, '') | 64 | if (sig && sig.startsWith('Signature ') === true) req.headers[HTTP_SIGNATURE.HEADER_NAME] = sig.replace(/^Signature /, '') |
65 | 65 | ||
66 | const parsed = parseHTTPSignature(req, HTTP_SIGNATURE.CLOCK_SKEW_SECONDS) | 66 | let parsed: any |
67 | |||
68 | try { | ||
69 | parsed = parseHTTPSignature(req, HTTP_SIGNATURE.CLOCK_SKEW_SECONDS) | ||
70 | } catch (err) { | ||
71 | logger.warn('Invalid signature because of exception in signature parser', { reqBody: req.body, err }) | ||
72 | |||
73 | res.status(403).json({ error: err.message }) | ||
74 | return false | ||
75 | } | ||
67 | 76 | ||
68 | const keyId = parsed.keyId | 77 | const keyId = parsed.keyId |
69 | if (!keyId) { | 78 | if (!keyId) { |