From 0479015602b456b715bc2e4df8c2ff40b94a8ffa Mon Sep 17 00:00:00 2001 From: michaelpiper Date: Fri, 26 Mar 2021 21:18:45 +0100 Subject: [PATCH 1/2] Update parser.js added Check if "required headers" param not exists use the date HTTP header by default --- lib/parser.js | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/lib/parser.js b/lib/parser.js index 88da2bf..4a66da9 100644 --- a/lib/parser.js +++ b/lib/parser.js @@ -31,7 +31,7 @@ module.exports = { throw new MissingRequiredHeadersError('authorization'); } - const { algorithms, requestLifetime = 300 } = options; + const { algorithms, requestLifetime = 300, requiredHeaders=['date'] } = options; /* Check the authorization scheme */ let { authorization } = req.headers; @@ -66,7 +66,13 @@ module.exports = { /* If "headers" param not exists use the date HTTP header by default */ signatureParams.headers = signatureParams.headers ? signatureParams.headers.toLowerCase().split(' ') : ['date']; - + + /* Check if "required headers" param not exists use the date HTTP header by default */ + requiredHeaders.forEach(function (requiredHeader){ + if(signatureParams.headers.indexOf(requiredHeader) === -1){ + throw new MissingRequiredSignatureParamsError(requiredHeader); + } + }); /* Check algoritm */ if (algorithms.indexOf(signatureParams.algorithm) === -1) { throw new UnsupportedAlgorithmError(...algorithms); From 23c8ec73f3963f1aa29f528a272e774668101fad Mon Sep 17 00:00:00 2001 From: michaelpiper Date: Fri, 3 Sep 2021 21:46:29 +0100 Subject: [PATCH 2/2] Update parser.js --- lib/parser.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/parser.js b/lib/parser.js index 4a66da9..899ae54 100644 --- a/lib/parser.js +++ b/lib/parser.js @@ -70,7 +70,7 @@ module.exports = { /* Check if "required headers" param not exists use the date HTTP header by default */ requiredHeaders.forEach(function (requiredHeader){ if(signatureParams.headers.indexOf(requiredHeader) === -1){ - throw new MissingRequiredSignatureParamsError(requiredHeader); + throw new MissingRequiredSignatureParamsError(...requiredHeader); } }); /* Check algoritm */