Skip to content

Commit 5bcea2f

Browse files
SamyPesseSamyPesse
authored
Fix signature verification with image resizing on v1 (#2899)
1 parent 73afd1f commit 5bcea2f

File tree

2 files changed

+7
-3
lines changed

2 files changed

+7
-3
lines changed

packages/gitbook-v2/src/lib/images/createImageResizer.ts

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -66,7 +66,6 @@ export function createImageResizer({
6666
linker.toAbsoluteURL(linker.toPathInContent('/~gitbook/image'))
6767
);
6868
url.searchParams.set('url', getImageAPIUrl(urlInput));
69-
url.searchParams.set('host', host);
7069

7170
if (options.width) {
7271
url.searchParams.set('width', options.width.toString());

packages/gitbook/src/routes/image.ts

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -37,16 +37,21 @@ export async function serveResizedImage(request: Request) {
3737
}
3838

3939
// Verify the signature
40+
const host =
41+
request.headers.get('x-gitbook-host') ??
42+
request.headers.get('x-forwarded-host') ??
43+
request.headers.get('host') ??
44+
requestURL.host;
4045
const verified = await verifyImageSignature(
4146
{
4247
url,
43-
host: requestURL.host,
48+
host,
4449
},
4550
{ signature, version: signatureVersion }
4651
);
4752
if (!verified) {
4853
return new Response(
49-
`Invalid signature "${signature ?? ''}" (version ${signatureVersion}) for "${url}" on "${requestURL.host}"`,
54+
`Invalid signature "${signature ?? ''}" (version ${signatureVersion}) for "${url}" on "${host}"`,
5055
{ status: 400 }
5156
);
5257
}

0 commit comments

Comments
 (0)