Asquera / warden-hmac-authentication

A tiny HMAC implementation and warden strategy
MIT License

Header-Based Auth fails because headers are capitalized #12

Closed Xylakant closed 12 years ago

Xylakant commented 12 years ago

The hmac_header strategy assumes that headers are in regular case, but Rack actually capitalizes all headers in the incoming request:

{"ACCEPT"=>"/", "AUTHORIZATION"=>"HMAC a5b83b105607d1f661387b75f1602d45f6448b60", "CONNECTION"=>"close", "DATE"=>"Sun, 15 Jan 2012 20:29:47 GMT", "HOST"=>"www.example.com", "USER-AGENT"=>"curl/7.21.6 (x86_64-apple-darwin10.7.0) libcurl/7.21.6 OpenSSL/1.0.0d zlib/1.2.5 libidn/1.22 libssh2/1.2.7", "VERSION"=>"HTTP/1.0", "X-FORWARDED-FOR"=>"protected", "X-REAL-IP"=>"protected"}

Xylakant commented 12 years ago

Fixed in master and 0.5.5.
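The failure mode reported in this issue, as an added example that is not the project's code or its fix: a header-based HMAC check that looks headers up by regular-case name rejects a correctly signed request whose keys arrive upper-cased, while a case-insensitive lookup accepts it. The string-to-sign, the SHA256 digest, the secret and all method names are assumptions made for the illustration.

```ruby
require "openssl"

SECRET = "constructed-demo-secret" # constructed placeholder, not a real key
DATE   = "Sun, 15 Jan 2012 20:29:47 GMT"

# Assumed string-to-sign and digest; the project's own are not shown in the issue.
def sign(secret, method, path, date)
  data = [method.upcase, path, date].join("\n")
  OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new("SHA256"), secret, data)
end

# Header names are case-insensitive, so match them without regard to case.
def header(headers, name)
  pair = headers.find { |key, _| key.to_s.casecmp?(name) }
  pair && pair[1]
end

# Constant-time comparison so a mismatch does not reveal how many bytes matched.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  diff = 0
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# exact_case: true models a regular-case lookup like the one the issue describes.
def authenticated?(headers, method, path, secret, exact_case: false)
  get  = exact_case ? ->(n) { headers[n] } : ->(n) { header(headers, n) }
  auth = get.call("Authorization")
  date = get.call("Date")
  return false if auth.nil? || date.nil?
  scheme, mac = auth.split(" ", 2)
  return false unless scheme == "HMAC" && mac
  secure_equal?(mac, sign(secret, method, path, date))
end

# Constructed request, keyed the way the dump in the issue is keyed.
UPPER = {
  "AUTHORIZATION" => "HMAC #{sign(SECRET, "GET", "/", DATE)}",
  "DATE" => DATE,
  "HOST" => "www.example.com"
}
```

A regression test for this class of bug should send the same signed request with upper-case, lower-case and mixed-case header names and expect the same result for each.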