AP S2S: Don't require specific `Accept` header for endpoints that don't have a response anyway
Background
gup.pe is a ActivityPub server that as group actors. Anyone who mentions a group @gup.pe will be able to create and share the post with the group (the group forwards any message mentioning it), and anyone who follows the group can receive updates within the group, so the group basically works as a mailing list. It works perfectly fine with Mastodon, but currently it does not work with any pleroma instance.
Steps to reproduce
- On a pleroma instance, search @test@gup.pe. It should show the group actor.
- Send a follow request to @test@gup.pe. The follow request hangs.
Environment
Almost any pleroma instance.
Technical details
There is a issue tracking this problem on their page as well: https://github.com/wmurphyrd/guppe/issues/21. As I am trying to work on a fix on their side, I am confused about the signature verification error.
Sep 07 08:08:54 lil-wuppo pleroma[78642]: request_id=FjJx-YQS4icHvnIADhzB [debug] Signature validation error for: https://gup.pe/u/rec, make sure you are forwarding the HTTP Host header!
Sep 07 08:08:54 lil-wuppo pleroma[78642]: request_id=FjJx-YQS4icHvnIADhzB [debug] [{"accept", "application/json"}, {"connection", "upgrade"}, {"content-length", "686"}, {"content-type", "application/activity+json"}, {"date", "Mon, 07 Sep 2020 08:08:53 GMT"}, {"host", "wuppo.allowed.org"}, {"signature", "keyId=\"https://gup.pe/u/rec\",algorithm=\"rsa-sha256\",headers=\"(request-target) host date\",signature=\"QdYIUO2QR6oeIBCNSLJbT79JqjH9+EigEbcv0dIwjnQvNAnO0fbuP5AbODbuDP+7p7teVNnZ22qr6u0/X0VUF9iDL5KusEUEbNnQfxX3QMP2IAljvLbm7GTKC/ReFueN7nacoXd0ZQQYPvoyQsa6mHCLqmDTcqMOCwq+/bDprD54m14RUkVHjo1ihCQRPFFG/QINnlSmnqwvlqV+QMNIvQ5CdeP23NY1JMgtnhLmCvzH3FySd0iZSaQe/Porjf48jehpt+uzQltFWFPnt9hD1zomS3pQLab2B1h6uk68K7hmN5eFe3YJ4/07WK3qr33LDtKWHI7odVHX2hF61t0JlDCsqjZBLmE9gtRZup2fJcQ1iEKqQ8GBH/wyoWdb+1DRXk2hsU1vk6AppnxYNsi9/jyXtlLmfSI4uhjRR4r2X+AUtsCVoHNLFFAZ5Frn0DJgvXtl82LYe/dGI76nlMJDnexwfTyKpdhTdNFQbTsHhuZzkmh9Qxd1dMZjjttyh7a45YnggeZQcMoL/g6lhY9tXdjRaRBUhhMbv68Lf53SdUvZ8QST32nJv8RrbhA+rhZqtUnrhkzCN8XsvdL9j3h+Cc/fBreE02/IvUvSHbiO151fbpZDWlg+3z7vTGmkpj5a5ZMgpN27sAwt85Av2Q015p9iceXG4FlqgvwS42CHFLU=\""}, {"x-forwarded-for", "162.249.4.153"}]
Is the signature requirement documented for Pleroma? Also, do you see any error in the headers or the signature above?
The HTTP signing process of gup.pe is straightforward and short: https://github.com/wmurphyrd/guppe/blob/master/pub/federation.js
I didn't figure out the cause because I am not familiar with Elixir.