From e6d02454fc01f48db3f9cf0245350cac349313b9 Mon Sep 17 00:00:00 2001
From: Bob Mottram
Date: Tue, 10 May 2022 17:02:36 +0100
Subject: [PATCH 1/2] Include a nonce within Json-LD signatures
---
 linked_data_sig.py | 2 ++
 tests.py | 3 ++-
 2 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/linked_data_sig.py b/linked_data_sig.py
index 8da07dc97..a2790fc81 100644
--- a/linked_data_sig.py
+++ b/linked_data_sig.py
@@ -9,6 +9,7 @@ __email__ = "bob@libreserver.org"
 __status__ = "Production"
 __module_group__ = "Security"
+import random
 import base64
 import hashlib
 from datetime import datetime
@@ -100,6 +101,7 @@ def generate_json_signature(doc: {}, private_key_pem: str) -> None:
 return
 options = {
 "type": "RsaSignature2017",
+ "nonce": '%030x' % random.randrange(16**64),
 "creator": doc["actor"] + "#main-key",
 "created": datetime.utcnow().replace(microsecond=0).isoformat() + "Z",
 }
diff --git a/tests.py b/tests.py
index 9ccbf9984..7f6ba9a22 100644
--- a/tests.py
+++ b/tests.py
@@ -3880,9 +3880,9 @@ def _test_jsonld():
 assert signed_document
 assert signed_document.get('signature')
 assert signed_document['signature'].get('signatureValue')
+ assert signed_document['signature'].get('nonce')
 assert signed_document['signature'].get('type')
 assert len(signed_document['signature']['signatureValue']) > 50
- # print str(signed_document['signature'])
 assert signed_document['signature']['type'] == 'RsaSignature2017'
 assert verify_json_signature(signed_document, public_key_pem)
@@ -3912,6 +3912,7 @@ def _test_jsonld():
 assert len(str(signed_document['signature']['signatureValue'])) > 340
 assert (signed_document['signature']['signatureValue'] != signed_document2['signature']['signatureValue'])
+ print('json-ld tests passed')
 def _test_site_active():
From 3702d52c7e31a3934fb8dfdd03d7a16775d69bb3 Mon Sep 17 00:00:00 2001
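Review bot: The `"nonce"` entry added to `options` in generate_json_signature is drawn from the `random` module, a deterministic Mersenne Twister generator that is not meant for security values; in a module grouped under "Security" the nonce should come from the operating system's CSPRNG. I would write `"nonce": secrets.token_hex(32),` and change the first hunk's `import random` to `import secrets`. That also fixes the width: `'%030x'` pads to only 30 hex digits while `16**64` allows up to 64, so the current string length is not fixed. The function body continues outside the hunk, so whether `options` (and with it the nonce) is covered by the signed hash cannot be confirmed from these lines.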
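Review bot: The new `assert signed_document['signature'].get('nonce')` in _test_jsonld only proves that a nonce field exists, not that it is fresh per signature or bound to the signature. Since `signed_document2` is already compared by `signatureValue` in the next hunk, a matching `assert signed_document['signature']['nonce'] != signed_document2['signature']['nonce']` would pin freshness, and a case that alters the nonce and expects `verify_json_signature` to fail would pin the binding (assuming the nonce is part of the signed options). The test body continues outside both hunks.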
From: Bob Mottram
Date: Tue, 10 May 2022 19:56:01 +0100
Subject: [PATCH 2/2] Web address should include prefix
---
 webapp_person_options.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/webapp_person_options.py b/webapp_person_options.py
index 50997fe0d..a35702199 100644
--- a/webapp_person_options.py
+++ b/webapp_person_options.py
@@ -203,9 +203,11 @@ def html_person_options(default_timeline: str,
 ': ' + remove_html(email_address) + '

\n'
 if web_address:
+ web_str = remove_html(web_address)
+ if '://' not in web_str:
+ web_str = 'https://' + web_str
 options_str += \
- '

🌐 ' + \
- '' + \
+ '

🌐 ' + \
 web_address + '

\n'
 if xmpp_address:
 options_str += \
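Review bot: The `if '://' not in web_str:` check only decides whether to prepend `https://`; any value that already contains `://` is kept with whatever scheme it carries, so a profile field with a non-web scheme would still be turned into a link. I would restrict the link to an allow-list, for example emitting it only when `web_str.startswith(('http://', 'https://'))` holds after the prefixing step. The unchanged context line still concatenates the raw `web_address` into `options_str`, whereas the new code goes through `remove_html`; using the cleaned value there too would be consistent, unless `web_address` is sanitised earlier in html_person_options, which starts and ends outside this hunk. The page rendering has dropped the HTML inside the string literals, so the exact attribute context cannot be checked here.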