spacewander commented on a change in pull request #5038:
URL: https://github.com/apache/apisix/pull/5038#discussion_r708781018
##########
File path: docs/en/latest/plugins/hmac-auth.md
##########
@@ -192,6 +194,18 @@ print(base64.b64encode(hash.digest()))
| --------- | -------------------------------------------- |
| SIGNATURE | 8XV1GB7Tq23OJcoz6wjqTs4ZLxr9DiLoY4PxzScWGYg= |
+### Request body checking
+
+When `validate_request_body` is assigned to `true`, the plugin will check the
request body. The plugin will calculate the hmac-sha value of the request
body,and check against the `X-HMAC-DIGEST` header.
+
+```
+X-HMAC-DIGEST: base64(hmac-sha(<body>))
+```
+
+When there is no request body, the `X-HMAC-DIGEST` header can be omitted. If
you want to send a request with this header when the body is missing, you can
set `X-HMAC-DIGEST` value to the hmac-sha of empty string.
+
+**Note:** The plugin will load the request body to memory to calculate the
digest of the request body, which wight cause high memory consumption with
large bodies. You can limit the max allowed body size by the configuration of
`max_req_body`(default=512KB), request body larger than that will be rejected.
Review comment:
```suggestion
**Note:** The plugin will load the request body to memory to calculate the
digest of the request body, which might cause high memory consumption with
large bodies. You can limit the max allowed body size by the configuration of
`max_req_body`(default=512KB), request body larger than that will be rejected.
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
