diff options
| -rw-r--r-- | 98.md | 10 |
1 files changed, 7 insertions, 3 deletions
| @@ -18,8 +18,8 @@ The `content` SHOULD be empty. | |||
| 18 | 18 | ||
| 19 | The following tags are defined as REQUIRED. | 19 | The following tags are defined as REQUIRED. |
| 20 | 20 | ||
| 21 | * `url` - absolute URL | 21 | * `u` - absolute URL |
| 22 | * `method` - HTTP Request Method | 22 | * `method` - HTTP Request Method |
| 23 | 23 | ||
| 24 | Example event: | 24 | Example event: |
| 25 | ```json | 25 | ```json |
| @@ -31,7 +31,7 @@ Example event: | |||
| 31 | "created_at": 1682327852, | 31 | "created_at": 1682327852, |
| 32 | "tags": [ | 32 | "tags": [ |
| 33 | [ | 33 | [ |
| 34 | "url", | 34 | "u", |
| 35 | "https://api.snort.social/api/v1/n5sp/list" | 35 | "https://api.snort.social/api/v1/n5sp/list" |
| 36 | ], | 36 | ], |
| 37 | [ | 37 | [ |
| @@ -49,6 +49,10 @@ Servers MUST perform the following checks in order to validate the event: | |||
| 49 | 3. The `url` tag MUST be exactly the same as the absolute request URL (including query parameters). | 49 | 3. The `url` tag MUST be exactly the same as the absolute request URL (including query parameters). |
| 50 | 4. The `method` tag MUST be the same HTTP method used for the requested resource. | 50 | 4. The `method` tag MUST be the same HTTP method used for the requested resource. |
| 51 | 51 | ||
| 52 | When the request contains a body (as in POST/PUT/PATCH methods) clients SHOULD include a SHA256 hash of the request body in a `payload` tag as hex (`["payload", "<sha256-hex>"]`), servers MAY check this to validate that the requested payload is authorized. | ||
| 53 | |||
| 54 | If one of the checks was to fail the server SHOULD respond with a 401 Unauthorized response code. | ||
| 55 | |||
| 52 | All other checks which server MAY do are OPTIONAL, and implementation specific. | 56 | All other checks which server MAY do are OPTIONAL, and implementation specific. |
| 53 | 57 | ||
| 54 | ## Request Flow | 58 | ## Request Flow |