wholetrans/docs-matrix-spec
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Clarify that the X-Matrix validation uses the parsed request body (#3727)

Browse source
This commit is contained in:
Travis Ralston 2022-02-17 08:54:27 -07:00 committed by Travis Ralston
parent 2997c9089d
commit b6f2b172a6
2 changed files with 3 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

1
changelogs/server_server/newsfragments/3727.clarification Normal file
View file

@ -0,0 +1 @@
Clarify that the `content` for `X-Matrix` signature validation is the parsed JSON body.

3
content/server-server-api.md
View file

@ -237,7 +237,7 @@ Step 1 sign JSON:
"uri": "/target", "uri": "/target",
"origin": "origin.hs.example.com", "origin": "origin.hs.example.com",
"destination": "destination.hs.example.com", "destination": "destination.hs.example.com",
"content": <request body>, "content": <JSON-parsed request body>,
"signatures": { "signatures": {
"origin.hs.example.com": { "origin.hs.example.com": {
"ed25519:key1": "ABCDEF..." "ed25519:key1": "ABCDEF..."
@ -274,6 +274,7 @@ def authorization_headers(origin_name, origin_signing_key,
} }
if content is not None: if content is not None:
# Assuming content is already parsed as JSON
request_json["content"] = content request_json["content"] = content
signed_json = sign_json(request_json, origin_name, origin_signing_key) signed_json = sign_json(request_json, origin_name, origin_signing_key)