diff options
| author | dakkar <dakkar@thenautilus.net> | 2023-12-20 12:17:59 +0000 |
|---|---|---|
| committer | dakkar <dakkar@thenautilus.net> | 2023-12-23 15:26:42 +0000 |
| commit | e5ea882ed74b3cdd0e86f4dda5a8ce724f30d2ef (patch) | |
| tree | 0dd8823d32824416ea0631a785d43f75d7af3ea6 /chart | |
| parent | fix: check (diff) | |
| download | sharkey-e5ea882ed74b3cdd0e86f4dda5a8ce724f30d2ef.tar.gz sharkey-e5ea882ed74b3cdd0e86f4dda5a8ce724f30d2ef.tar.bz2 sharkey-e5ea882ed74b3cdd0e86f4dda5a8ce724f30d2ef.zip | |
authorized fetch #217
the implementation is copied from the other places we already check
HTTP signatures, and cross-checked with Firefish's implementation
Diffstat (limited to 'chart')
| -rw-r--r-- | chart/files/default.yml | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/chart/files/default.yml b/chart/files/default.yml index 4cc291e80a..9c81964736 100644 --- a/chart/files/default.yml +++ b/chart/files/default.yml @@ -194,6 +194,8 @@ id: "aidx" # Sign to ActivityPub GET request (default: true) signToActivityPubGet: true +# check that inbound ActivityPub GET requests are signed ("authorized fetch") +checkActivityPubGetSignature: false #allowedPrivateNetworks: [ # '127.0.0.1/32' |