From 79bb3c2bd319c493f069c72f2f832f6e4ad5ef80 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Nowak?= <luke@nexedi.com> Date: Wed, 2 May 2012 14:41:21 +0200 Subject: [PATCH] Do not use Host header. Token server can be totally different then resource server. --- .../portal_skins/erp5_bearer_token/BearerToken_getHMAC.xml | 3 +-- bt5/erp5_bearer_token/bt/revision | 2 +- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/bt5/erp5_bearer_token/SkinTemplateItem/portal_skins/erp5_bearer_token/BearerToken_getHMAC.xml b/bt5/erp5_bearer_token/SkinTemplateItem/portal_skins/erp5_bearer_token/BearerToken_getHMAC.xml index 54dba4acfd..62bd670728 100644 --- a/bt5/erp5_bearer_token/SkinTemplateItem/portal_skins/erp5_bearer_token/BearerToken_getHMAC.xml +++ b/bt5/erp5_bearer_token/SkinTemplateItem/portal_skins/erp5_bearer_token/BearerToken_getHMAC.xml @@ -51,9 +51,8 @@ <item> <key> <string>_body</string> </key> <value> <string>return context.Base_getHMAC(key,\n - """%s\\n%s\\n%s\\n%s\\n%s""" % (\n + """%s\\n%s\\n%s\\n%s""" % (\n context.REQUEST.getHeader(\'User-Agent\'),\n - context.REQUEST.getHeader(\'Host\'),\n context.REQUEST.get(\'REMOTE_ADDR\'),\n context.getCreationDate().timeTime(),\n fuzzy)\n diff --git a/bt5/erp5_bearer_token/bt/revision b/bt5/erp5_bearer_token/bt/revision index e440e5c842..bf0d87ab1b 100644 --- a/bt5/erp5_bearer_token/bt/revision +++ b/bt5/erp5_bearer_token/bt/revision @@ -1 +1 @@ -3 \ No newline at end of file +4 \ No newline at end of file -- 2.30.9