Make our lists, lists

Author: Jaspaul

readme.md

@@ -43,13 +43,14 @@ SIGNED_REQUEST_TOLERANCE_SECONDS=
 ```
 
 Each of the settings above allows for a different level of configuration.
-    - `SIGNED_REQUEST_ALGORITHM` is the algorithm that will be used to generate / verify the signature. This is defaulted to use `sha256` feel free to change this to anything that `hash_hmac` accepts.
-    - `SIGNED_REQUEST_CACHE_PREFIX` is the prefix to use for all the cache keys that will be generated. Here you can use the default if you're not planning on sharing a cache between multiple applications.
-    - `SIGNED_REQUEST_SIGNATURE_HEADER` should be the request header that the signature will be included on, `X-Signature` will be used by default.
-    - `SIGNED_REQUEST_ALGORITHM_HEADER` should be the request header that the includes the algorithm used to sign the request.
-    - `SIGNED_REQUEST_KEY` is the shared secret key between the application generating the requests, and the application consuming them. This value should not be publically available.
-    - `SIGNED_REQUEST_ALLOW_REPLAYS` allows you to enable or disable replay attacks. By default replays are disabled.
-    - `SIGNED_REQUEST_TOLERANCE_SECONDS` is the number of seconds that a request will be considered for. This setting allows for some time drift between servers and is only used when replays are disabled.
+
+  - `SIGNED_REQUEST_ALGORITHM` is the algorithm that will be used to generate / verify the signature. This is defaulted to use `sha256` feel free to change this to anything that `hash_hmac` accepts.
+  - `SIGNED_REQUEST_CACHE_PREFIX` is the prefix to use for all the cache keys that will be generated. Here you can use the default if you're not planning on sharing a cache between multiple applications.
+  - `SIGNED_REQUEST_SIGNATURE_HEADER` should be the request header that the signature will be included on, `X-Signature` will be used by default.
+  - `SIGNED_REQUEST_ALGORITHM_HEADER` should be the request header that the includes the algorithm used to sign the request.
+  - `SIGNED_REQUEST_KEY` is the shared secret key between the application generating the requests, and the application consuming them. This value should not be publically available.
+  - `SIGNED_REQUEST_ALLOW_REPLAYS` allows you to enable or disable replay attacks. By default replays are disabled.
+  - `SIGNED_REQUEST_TOLERANCE_SECONDS` is the number of seconds that a request will be considered for. This setting allows for some time drift between servers and is only used when replays are disabled.
 
 ### Setup the Middleware
 
@@ -103,7 +104,8 @@ postman.setEnvironmentVariable("x-signature", signature);
 ```
 
 Note for this to work you'll have to setup your environment to have the following variables:
-    - `{{url}}` this is the base url to the api you'll be hitting.
-    - `{{key}}` this is the shared secret key you'll be using in your environment.
+
+  - `{{url}}` this is the base url to the api you'll be hitting.
+  - `{{key}}` this is the shared secret key you'll be using in your environment.
 
 All other environment variables that will be needed will be automatically generated by the above script.