22927420302
94%

Ran 10 Mar 2026 10:36PM UTC

Jobs 1

Files 66

Run time 1min

Badge

Embed ▾

Committed 10 Mar 2026 10:36PM UTC coverage: 93.454% (-0.06%) from 93.51%

Build # 22927420302

Build Type

push

github

Committed by

web-flow

Commit Message

  fix: prevent HMAC auth middleware from modifying request headers (#70)

The parsePresignedURLParams() function was setting the X-Timestamp
  header as a side effect to pass required header checks. This modified
  the original request which could affect downstream handlers.

  Changes:
  - Removed r.Header.Set() from parsePresignedURLParams()
  - Modified buildSignedHeaders() to accept timestamp from parsedAuth
  - Skip required header check for presigned URLs (timestamp from URL)
  - Add test to verify headers are not modified

Signed-off-by: alexferl <me@alexferl.com>

Coverage Stats

14 of 25 new or added lines in 1 file covered. (56.0%)

5 existing lines in 1 file now uncovered.

8095 of 8662 relevant lines covered (93.45%)

49.06 hits per line

Uncovered Changes

Lines	Coverage	∆	File
11	87.72	0.08%	middleware/hmac_auth.go

Coverage Regressions

Lines	Coverage	∆	File
5	88.05	-0.57%	server.go

Jobs

ID	Job ID	Ran	Files	Coverage
1	22927420302.1	10 Mar 2026 10:36PM UTC	66	93.45	GitHub Action Run

alexferl / zerohttp / 22927420302
94%

README BADGES
x

Markdown

Textile

RDoc

HTML

Rst

Uncovered Changes

Coverage Regressions

Jobs

Source Files on build 22927420302

alexferl / zerohttp / 22927420302 94%

README BADGES x

Markdown

Textile

RDoc

HTML

Rst

Uncovered Changes

Coverage Regressions

Jobs

Source Files on build 22927420302

alexferl / zerohttp / 22927420302
94%

README BADGES
x