1 file changed +8 -1 lines changed
@@ -96,6 +96,13 @@ impl LnurlAuth {
9696
9797 let domain = url. base_url ( ) ;
9898
99+ // Enforce HTTPS for non-localhost URLs per LNURL spec.
100+ let is_localhost = domain == "localhost" || domain == "127.0.0.1" || domain == "[::1]" ;
101+ if url. scheme ( ) != "https" && !is_localhost {
102+ log_error ! ( self . logger, "LNURL-auth URL must use HTTPS for non-localhost domains" ) ;
103+ return Err ( Error :: InvalidLnurl ) ;
104+ }
105+
99106 // get query parameters for k1 and tag
100107 let query_params: std:: collections:: HashMap < _ , _ > = url. query_pairs ( ) . collect ( ) ;
101108
@@ -135,7 +142,7 @@ impl LnurlAuth {
135142 let auth_url = format ! ( "{lnurl_auth_url}&sig={signature}&key={linking_public_key}" ) ;
136143
137144 log_debug ! ( self . logger, "Submitting LNURL-auth response" ) ;
138- let request = bitreq:: get ( & auth_url) ;
145+ let request = bitreq:: get ( & auth_url) . with_max_redirects ( 0 ) ;
139146 let auth_response = self . client . send_async ( request) . await . map_err ( |e| {
140147 log_error ! ( self . logger, "Failed to submit LNURL-auth response: {e}" ) ;
141148 Error :: LnurlAuthFailed
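Review bot: The loopback exemption in the first hunk compares `domain`, the result of `url.base_url()`, against bare host names, and the page does not show whether that string can carry a port or a scheme. If it can, `http://localhost:3000` would be rejected; the check fails closed, so this is a usability problem rather than a safety one, but the comparison should be made on the host component alone and pinned with a test. The comment cites the LNURL spec, which as far as I recall also permits plain HTTP for `.onion` hosts, so if rejecting those is intended the comment should say so, e.g. `// HTTPS required except for loopback; http://*.onion is not accepted here.` In the second hunk, `with_max_redirects(0)` deserves a one-line comment such as `// Never follow redirects: sig and key must only reach the host that issued k1.` so the setting is not relaxed later. Both hunks sit inside functions whose start and end are outside the view.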