Revert "If httpsig verification fails, fix Host header and try again"

Anthony Wang · Anthony Wang · commit 14cfd8de2307 · 2022-06-14T21:11:55.000-05:00
This reverts commit f53e46c. The bug was actually caused by nginx messing up the Host header when reverse-proxying since I didn't have the line `proxy_set_header Host $host;` in my nginx config for Gitea.
diff --git a/routers/api/v1/activitypub/reqsignature.go b/routers/api/v1/activitypub/reqsignature.go
@@ -90,16 +90,6 @@ func verifyHTTPSignatures(ctx *gitea_context.APIContext) (authenticated bool, er
 	// 3. Verify the other actor's key
 	algo := httpsig.Algorithm(setting.Federation.Algorithms[0])
 	authenticated = v.Verify(pubKey, algo) == nil
-	if authenticated {
-		return
-	}
-	// 4. When Gitea and the other ActivityPub server are running on the same machine, the Host header is sometimes incorrect
-	r.Header["Host"] = []string{setting.Domain}
-	v, err = httpsig.NewVerifier(r)
-	if err != nil {
-		return
-	}
-	authenticated = v.Verify(pubKey, algo) == nil
 	return
 }
 
