From c7cf3e468b1fc7d81d1015cdb6cc901978117279 Mon Sep 17 00:00:00 2001 From: Andreas Tasch Date: Fri, 4 Mar 2022 23:53:09 +0100 Subject: [PATCH] Fix possible problem with CamelCased headers on PHP-FPM and/or NGINX. --- src/Gateway/AbstractGateway.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/Gateway/AbstractGateway.php b/src/Gateway/AbstractGateway.php index 241b85c..1c70790 100644 --- a/src/Gateway/AbstractGateway.php +++ b/src/Gateway/AbstractGateway.php @@ -204,8 +204,13 @@ public function getIcon(): string { public function processWebhook() { if ($rawPostData = file_get_contents("php://input")) { // Validate webhook request. + // Note: getallheaders() CamelCases all headers for PHP-FPM/Nginx but for others maybe not, so "BTCPay-Sig" may becomes "Btcpay-Sig". $headers = getallheaders(); - $signature = $headers['Btcpay-Sig'] ?? null; + foreach ($headers as $key => $value) { + if (strtolower($key) === 'btcpay-sig') { + $signature = $value; + } + } if (!isset($signature) || !$this->apiHelper->validWebhookRequest($signature, $rawPostData)) { Logger::debug('Failed to validate signature of webhook request.');