From df5e06ca8adad80fa5c45a8ef87e3437f5de2d94 Mon Sep 17 00:00:00 2001
From: Jesse Wierzbinski <contact@cpluspatch.com>
Date: Tue, 27 Aug 2024 02:17:07 +0200
Subject: [PATCH] fix(federation): :bug: Make HTTP header validation lowercase

---
 server/api/users/:uuid/inbox/index.ts | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/server/api/users/:uuid/inbox/index.ts b/server/api/users/:uuid/inbox/index.ts
index 04cd99f7..bdba5b63 100644
--- a/server/api/users/:uuid/inbox/index.ts
+++ b/server/api/users/:uuid/inbox/index.ts
@@ -39,9 +39,9 @@ export const schemas = {
         uuid: z.string().uuid(),
     }),
     header: z.object({
-        "X-Signature": z.string(),
-        "X-Nonce": z.string(),
-        "X-Signed-By": z.string().url().or(z.literal("instance")),
+        "x-signature": z.string(),
+        "x-nonce": z.string(),
+        "x-signed-by": z.string().url().or(z.literal("instance")),
         authorization: z.string().optional(),
     }),
     body: z.any(),
@@ -57,9 +57,9 @@ export default apiRoute((app) =>
         async (context) => {
             const { uuid } = context.req.valid("param");
             const {
-                "X-Signature": signature,
-                "X-Nonce": nonce,
-                "X-Signed-By": signedBy,
+                "x-signature": signature,
+                "x-nonce": nonce,
+                "x-signed-by": signedBy,
                 authorization,
             } = context.req.valid("header");
             const logger = getLogger(["federation", "inbox"]);