liamdennehy
commented
5 years ago @aljones15: Apologies for not editing the tests myself, I'm not confident enough in node or my understanding of this suite to confidently propose changes.
Open liamdennehy opened 5 years ago
liamdennehy
commented
5 years ago @aljones15: Apologies for not editing the tests myself, I'm not confident enough in node or my understanding of this suite to confidently propose changes.
An implementation is expected to use the
headerssignature parameter of a received HTTP message to validate a message, so listing these headers in the commandline of theverifymode serves no purpose.These should be removed so the implementation relies entirely on the provided message as required, including if the headers listed are not in the message (
not-in-requestinvocation).