aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/middlewares
diff options
context:
space:
mode:
Diffstat (limited to 'server/middlewares')
-rw-r--r--server/middlewares/activitypub.ts11
1 files changed, 10 insertions, 1 deletions
diff --git a/server/middlewares/activitypub.ts b/server/middlewares/activitypub.ts
index 580606a68..d00594059 100644
--- a/server/middlewares/activitypub.ts
+++ b/server/middlewares/activitypub.ts
@@ -63,7 +63,16 @@ async function checkHttpSignature (req: Request, res: Response) {
63 const sig = req.headers[HTTP_SIGNATURE.HEADER_NAME] as string 63 const sig = req.headers[HTTP_SIGNATURE.HEADER_NAME] as string
64 if (sig && sig.startsWith('Signature ') === true) req.headers[HTTP_SIGNATURE.HEADER_NAME] = sig.replace(/^Signature /, '') 64 if (sig && sig.startsWith('Signature ') === true) req.headers[HTTP_SIGNATURE.HEADER_NAME] = sig.replace(/^Signature /, '')
65 65
66 const parsed = parseHTTPSignature(req, HTTP_SIGNATURE.CLOCK_SKEW_SECONDS) 66 let parsed: any
67
68 try {
69 parsed = parseHTTPSignature(req, HTTP_SIGNATURE.CLOCK_SKEW_SECONDS)
70 } catch (err) {
71 logger.warn('Invalid signature because of exception in signature parser', { reqBody: req.body, err })
72
73 res.status(403).json({ error: err.message })
74 return false
75 }
67 76
68 const keyId = parsed.keyId 77 const keyId = parsed.keyId
69 if (!keyId) { 78 if (!keyId) {