Request headers are not signed? #910
Labels
No labels
A: API
A: Backend
A: Federation
A: Front-End
A: I18N
A: Meta
A: Security
Build
C: Bug
C: Discussion
C: Enhancement
C: Feature
Compatibility
Dependency
Design
Documentation
Good first issue
Help welcome
Mobile
Rendering
S: Blocked
S: Duplicate
S: Incomplete
S: Instance specific
S: Invalid
S: Needs Voting/Discussion
S: Ready for review
Suggestion
S: Voted on Loomio
S: Wontfix
No milestone
No project
No assignees
2 participants
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference: Plume/Plume#910
Loading…
Add table
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
When sending ActivityPub updates to a mastodon instance, the requests are rejected by Mastodon because the
Host
header is not signed. The Plume logs show:Thank you reporting. Which version do you use?
Plume v0.6.0 (or earler) doesn't signature Host header. But latest
main
branch and Docker image does.I'm aware I should release next version soon, but if you need the feature soon, can you try latest unstable version?
Note: fediverse.blog logs the same error:
Its current revision is
d0dd23a
.I was on 0.6.0 when this issue occured. I currently don't have resources to try a different version at the moment
Okay, next release should include the fix.
@Ghost v0.7.0 which includes fix for this issue, has been released!