Add optional signing, domain verification, and path-scoped dynamic responses #1268

@realgam3

Please describe your feature request:

Add three optional enhancements to dynamic responses, each independently toggleable:
1. Signed updates (HMAC): server verifies signature using a per-deployment secret/keypair.
2. Domain ownership gating: allow dynamic responses only for domains registered by the interactsh client.
3. Path-scoped updates: API to set/update responses for specific HTTP paths (optionally with wildcards) with TTLs.

These are disabled by default and can be enabled independently via config/flags (e.g., DYNAMIC_SIGNING=on + SIGNING_KEY=..., DOMAIN_VERIFICATION=on, DYNAMIC_PATHS=on).

Describe the use case of this feature:

•	Security: prevent unauthorized edits when -dynamic is enabled; restrict usage to owned domains.
•	DX & automation: set per-path payloads to simplify scripts and concurrent tests.
•	Incremental adoption: fully backward-compatible; deployments can opt into any subset without changing current workflows.
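
A sketch of how the signed-update and domain-gating checks could fit together on the server side, as an added example that is not part of the issue or of the interactsh code base. The `Update` type, its fields, the length-prefixed message layout, HMAC-SHA256, and the `oast.example` names are all assumptions made for illustration.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"strings"
	"time"
)

// Update is a hypothetical dynamic-response update request (not an interactsh type).
type Update struct {
	Domain, Path, Body string
	Expires            int64  // Unix seconds; the TTL is covered by the signature
	Sig                string // hex-encoded HMAC-SHA256
}

// mac length-prefixes every field so bytes cannot be shifted between fields.
func mac(key []byte, u Update) []byte {
	m := hmac.New(sha256.New, key)
	fmt.Fprintf(m, "%d:%s|%d:%s|%d:%s|%d", len(u.Domain), u.Domain, len(u.Path), u.Path, len(u.Body), u.Body, u.Expires)
	return m.Sum(nil)
}

func Sign(key []byte, u Update) string { return hex.EncodeToString(mac(key, u)) }

// Verify checks the signature first, then the TTL, then domain ownership.
func Verify(key []byte, u Update, owned map[string]bool, now time.Time) error {
	got, err := hex.DecodeString(u.Sig)
	if err != nil || !hmac.Equal(got, mac(key, u)) { // constant-time comparison
		return errors.New("bad signature")
	}
	if now.Unix() >= u.Expires {
		return errors.New("update expired")
	}
	if !owned[strings.ToLower(u.Domain)] {
		return errors.New("domain not registered by this client")
	}
	return nil
}

func main() {
	key := []byte("constructed-demo-key") // constructed sample values throughout
	u := Update{Domain: "abc123.oast.example", Path: "/cb", Body: "ok", Expires: 1700000060}
	u.Sig = Sign(key, u)
	fmt.Println(Verify(key, u, map[string]bool{"abc123.oast.example": true}, time.Unix(1700000000, 0)))
}
```

Because the path and expiry are part of the signed message, a valid signature for one path or TTL cannot be replayed to set a different one.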

Labels: Type: Enhancement