Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Implement Server-Authorization header and configuraion directive #7

Open
algermissen opened this issue Jul 29, 2013 · 0 comments
Open

Implement Server-Authorization header and configuraion directive #7

algermissen opened this issue Jul 29, 2013 · 0 comments
Labels
enhancement

Comments

@algermissen
Copy link
Owner

Hawk specifies a header Server-Authorization that the server can use to sign its responses. Clients can use that header to determine that a given response has not been modified by an attacker.

This header is not a necessity for the use of the module in the OTTO context, yet, but at some point it should be implemented.

There should be a configuration directive to switch Server-Authorization generation on or off in the nginx config.
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@algermissen