moying2026 opened a new pull request, #13399: URL: https://github.com/apache/apisix/pull/13399
The body validation example under the `hmac-auth` plugin currently computes a Digest header but does not sign it. This leads to a setup where the body integrity is not bound to the HMAC signature, which can mislead users. Changes: - Move body digest computation before signature generation. - Append the `digest` header to the signing string. - Include `digest` in the `headers` list of the Authorization header. - Update the printed example output accordingly. This ensures the example correctly demonstrates end‑to‑end body integrity, where the body digest is part of the signed material. Resolves #13395 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
