activitypub: sign http date header

author William Pitcock <nenolod@dereferenced.org>

Thu, 21 Feb 2019 00:23:17 +0000 (00:23 +0000)

committer William Pitcock <nenolod@dereferenced.org>

Thu, 21 Feb 2019 00:23:17 +0000 (00:23 +0000)
author William Pitcock <nenolod@dereferenced.org>
Thu, 21 Feb 2019 00:23:17 +0000 (00:23 +0000)
committer William Pitcock <nenolod@dereferenced.org>
Thu, 21 Feb 2019 00:23:17 +0000 (00:23 +0000)
diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex

index d1ac8172e81b56da6e56d319b06716eca2ff9bda..7e153f3966c0ef4c15088be7b07668ef6ea0d537 100644 (file)
--- a/lib/pleroma/web/activity_pub/activity_pub.ex
+++ b/lib/pleroma/web/activity_pub/activity_pub.ex
@@ -823,11 +823,16 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do
  
      digest = "SHA-256=" <> (:crypto.hash(:sha256, json) |> Base.encode64())
  
+    date =
+      NaiveDateTime.utc_now()
+      |> Timex.format!("{WDshort}, {D} {Mshort} {YYYY} {h24}:{m}:{s} GMT")
+
      signature =
        Pleroma.Web.HTTPSignatures.sign(actor, %{
          host: host,
          "content-length": byte_size(json),
-        digest: digest
+        digest: digest,
+        date: date
        })
  
      with {:ok, %{status: code}} when code in 200..299 <-
@@ -837,6 +842,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do
                 json,
                 [
                   {"Content-Type", "application/activity+json"},
+                 {"Date", date},
                   {"signature", signature},
                   {"digest", digest}
                 ]
author	William Pitcock <nenolod@dereferenced.org>
	Thu, 21 Feb 2019 00:23:17 +0000 (00:23 +0000)
committer	William Pitcock <nenolod@dereferenced.org>
	Thu, 21 Feb 2019 00:23:17 +0000 (00:23 +0000)