authorized fetch #217

the implementation is copied from the other places we already check HTTP signatures, and cross-checked with Firefish's implementation
author: dakkar <dakkar@thenautilus.net> 2023-12-20 12:17:59 +0000
committer: dakkar <dakkar@thenautilus.net> 2023-12-23 15:26:42 +0000
commit: e5ea882ed74b3cdd0e86f4dda5a8ce724f30d2ef (patch)
tree: 0dd8823d32824416ea0631a785d43f75d7af3ea6 /.config/example.yml
parent: fix: check (diff)
download: sharkey-e5ea882ed74b3cdd0e86f4dda5a8ce724f30d2ef.tar.gz
sharkey-e5ea882ed74b3cdd0e86f4dda5a8ce724f30d2ef.tar.bz2
sharkey-e5ea882ed74b3cdd0e86f4dda5a8ce724f30d2ef.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/.config/example.yml b/.config/example.yml
index 4b0d07ae85..28fe5b359d 100644
--- a/.config/example.yml
+++ b/.config/example.yml
@@ -212,6 +212,8 @@ proxyRemoteFiles: true
 
 # Sign to ActivityPub GET request (default: true)
 signToActivityPubGet: true
+# check that inbound ActivityPub GET requests are signed ("authorized fetch")
+checkActivityPubGetSignature: false
 
 # For security reasons, uploading attachments from the intranet is prohibited,
 # but exceptions can be made from the following settings. Default value is "undefined".
author	dakkar <dakkar@thenautilus.net>	2023-12-20 12:17:59 +0000
committer	dakkar <dakkar@thenautilus.net>	2023-12-23 15:26:42 +0000
commit	e5ea882ed74b3cdd0e86f4dda5a8ce724f30d2ef (patch)
tree	0dd8823d32824416ea0631a785d43f75d7af3ea6 /.config/example.yml
parent	fix: check (diff)
download	sharkey-e5ea882ed74b3cdd0e86f4dda5a8ce724f30d2ef.tar.gz sharkey-e5ea882ed74b3cdd0e86f4dda5a8ce724f30d2ef.tar.bz2 sharkey-e5ea882ed74b3cdd0e86f4dda5a8ce724f30d2ef.zip