Function add_skip_certification_header

pub fn add_skip_certification_header(
    data_certificate: Vec<u8>,
    response: &mut HttpResponse<'_>,
)

Adds the IC-Certificate and IC-Certificate-Expression headers to a given HttpResponse. These headers are used by the HTTP Gateway to verify the authenticity of query call responses. In this case, the headers are pre-configured to instruct the HTTP Gateway to skip certification verification in a secure way. Secure in this context means that the decision to skip certification is made by the canister itself, and not by the replica, API boundary nodes or any other intermediate party.

Arguments

• data_certificate - A certificate used by the HTTP Gateway to verify a response. Retrieved using ic_cdk::api::data_certificate.
• response - The HttpResponse to add the certificate header to. Created using HttpResponse::builder().

Examples

use ic_http_certification::{HttpResponse, DefaultCelBuilder, utils::add_skip_certification_header, CERTIFICATE_EXPRESSION_HEADER_NAME, CERTIFICATE_HEADER_NAME};

let mut response = HttpResponse::builder().build();

// this should normally be retrieved using `ic_cdk::api::data_certificate()`.
let data_certificate = vec![1, 2, 3];

add_skip_certification_header(data_certificate, &mut response);

assert_eq!(
    response.headers(),
    vec![
        (
            CERTIFICATE_HEADER_NAME.to_string(),
            "certificate=:AQID:, tree=:2dn3gwJJaHR0cF9leHBygwJDPCo+gwJYIMMautvQsFn51GT9bfTani3Ah659C0BGjTNyJtQTszcjggNA:, expr_path=:2dn3gmlodHRwX2V4cHJjPCo+:, version=2".to_string(),
        ),
        (
            CERTIFICATE_EXPRESSION_HEADER_NAME.to_string(),
            DefaultCelBuilder::skip_certification().to_string()
        ),
    ]
);