|
|
|
@ -297,10 +297,10 @@ func GetChallenge(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// NOTE: We should be checking that the request is either a POST-as-GET, or
|
|
|
|
|
// that the payload is an empty JSON block ({}) for non device attestation
|
|
|
|
|
// challenges. However, older ACME clients still send a vestigial body
|
|
|
|
|
// (rather than an empty JSON block) and strict enforcement would render
|
|
|
|
|
// these clients broken.
|
|
|
|
|
// that for all challenges except for device-attest-01, the payload is an
|
|
|
|
|
// empty JSON block ({}). However, older ACME clients still send a vestigial
|
|
|
|
|
// body (rather than an empty JSON block) and strict enforcement would
|
|
|
|
|
// render these clients broken.
|
|
|
|
|
|
|
|
|
|
azID := chi.URLParam(r, "authzID")
|
|
|
|
|
ch, err := db.GetChallenge(ctx, chi.URLParam(r, "chID"), azID)
|
|
|
|
|