mirror of
https://github.com/nostr-protocol/nips.git
synced 2024-12-22 16:35:52 -05:00
add note about payload hash
This commit is contained in:
parent
29f26e72b5
commit
2d31ddd38a
10
98.md
10
98.md
|
@ -18,8 +18,8 @@ The `content` SHOULD be empty.
|
||||||
|
|
||||||
The following tags are defined as REQUIRED.
|
The following tags are defined as REQUIRED.
|
||||||
|
|
||||||
* `url` - absolute URL
|
* `u` - absolute URL
|
||||||
* `method` - HTTP Request Method
|
* `method` - HTTP Request Method
|
||||||
|
|
||||||
Example event:
|
Example event:
|
||||||
```json
|
```json
|
||||||
|
@ -31,7 +31,7 @@ Example event:
|
||||||
"created_at": 1682327852,
|
"created_at": 1682327852,
|
||||||
"tags": [
|
"tags": [
|
||||||
[
|
[
|
||||||
"url",
|
"u",
|
||||||
"https://api.snort.social/api/v1/n5sp/list"
|
"https://api.snort.social/api/v1/n5sp/list"
|
||||||
],
|
],
|
||||||
[
|
[
|
||||||
|
@ -49,6 +49,10 @@ Servers MUST perform the following checks in order to validate the event:
|
||||||
3. The `url` tag MUST be exactly the same as the absolute request URL (including query parameters).
|
3. The `url` tag MUST be exactly the same as the absolute request URL (including query parameters).
|
||||||
4. The `method` tag MUST be the same HTTP method used for the requested resource.
|
4. The `method` tag MUST be the same HTTP method used for the requested resource.
|
||||||
|
|
||||||
|
When the request contains a body (as in POST/PUT/PATCH methods) clients SHOULD include a SHA256 hash of the request body in a `payload` tag as hex (`["payload", "<sha256-hex>"]`), servers MAY check this to validate that the requested payload is authorized.
|
||||||
|
|
||||||
|
If one of the checks was to fail the server SHOULD respond with a 401 Unauthorized response code.
|
||||||
|
|
||||||
All other checks which server MAY do are OPTIONAL, and implementation specific.
|
All other checks which server MAY do are OPTIONAL, and implementation specific.
|
||||||
|
|
||||||
## Request Flow
|
## Request Flow
|
||||||
|
|
Loading…
Reference in New Issue
Block a user