HTTP署名パースにおいてDateとサーバー時間のズレは両方向に300sを許容するように
https://github.com/misskey-dev/misskey/issues/14273#issuecomment-2241244494
This commit is contained in:
parent
88085fd59c
commit
7503fc8145
|
@ -28,10 +28,10 @@ import { UserEntityService } from '@/core/entities/UserEntityService.js';
|
||||||
import { bindThis } from '@/decorators.js';
|
import { bindThis } from '@/decorators.js';
|
||||||
import { IActivity } from '@/core/activitypub/type.js';
|
import { IActivity } from '@/core/activitypub/type.js';
|
||||||
import { isQuote, isRenote } from '@/misc/is-renote.js';
|
import { isQuote, isRenote } from '@/misc/is-renote.js';
|
||||||
import type { FastifyInstance, FastifyRequest, FastifyReply, FastifyPluginOptions, FastifyBodyParser } from 'fastify';
|
|
||||||
import type { FindOptionsWhere } from 'typeorm';
|
|
||||||
import { LoggerService } from '@/core/LoggerService.js';
|
import { LoggerService } from '@/core/LoggerService.js';
|
||||||
import Logger from '@/logger.js';
|
import Logger from '@/logger.js';
|
||||||
|
import type { FastifyInstance, FastifyRequest, FastifyReply, FastifyPluginOptions, FastifyBodyParser } from 'fastify';
|
||||||
|
import type { FindOptionsWhere } from 'typeorm';
|
||||||
|
|
||||||
const ACTIVITY_JSON = 'application/activity+json; charset=utf-8';
|
const ACTIVITY_JSON = 'application/activity+json; charset=utf-8';
|
||||||
const LD_JSON = 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"; charset=utf-8';
|
const LD_JSON = 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"; charset=utf-8';
|
||||||
|
@ -128,6 +128,10 @@ export class ActivityPubServerService {
|
||||||
requiredInputs: {
|
requiredInputs: {
|
||||||
draft: ['(request-target)', 'digest', 'host', 'date'],
|
draft: ['(request-target)', 'digest', 'host', 'date'],
|
||||||
},
|
},
|
||||||
|
clockSkew: {
|
||||||
|
forward: 300_000,
|
||||||
|
delay: 300_000,
|
||||||
|
},
|
||||||
});
|
});
|
||||||
} catch (err) {
|
} catch (err) {
|
||||||
this.inboxLogger.warn('signature header parsing failed', { err });
|
this.inboxLogger.warn('signature header parsing failed', { err });
|
||||||
|
|
Loading…
Reference in New Issue