> > Before to definitely fly to other places where to find answers to my > problem I have one little question related with web2py... > In woocommerce documentation they say this about request signature: > > "X-WC-Webhook-Signature - a base64 encoded HMAC-SHA256 hash of the > payload."[1] > > Till now I interpreted "payload" as the request body... so as the json > string I can read simply using `request.body.read()`. > Could it even be interpreted as the whole send content including the the > request header? >
I would be surprised if that were the case given that (1) order of HTTP headers is not supposed to be significant (but would need to be if being used to generate a hash) and (2) WSGI applications receive incoming requests in the form of an environment dictionary generated by the WSGI-compliant web server, not the original HTTP message. > How could it be get or reconstructed from the request storage object? > I'm not sure if it includes the entire original HTTP message or just the request body, but you can try request.env['wsgi.input']. If that doesn't work, web2py (and probably any WSGI-compliant framework) would not have access to the original HTTP message (which is parsed by the web server before passing request data to the web framework/application). Anthony -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
