Fix signature error with email in params

There is an issue with signature creation for requests involving emails (subaccount requests). The query params are encoded and then the signature is created from encoded query, but for the signature to be correct, it has to be created on decoded query, and encoded after signature is created. email=xxx%40xxx.com this is encoded, and therefore creates wrong signature, so we need to decode it, when creating the signature. I encountered this only for emails in params, but could also happen in other cases
carlosmiei · Nov 6, 2022 · b9a4915 · b9a4915
1 parent 583a34a
commit b9a4915
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/node-binance-api.js b/node-binance-api.js
@@ -328,7 +328,7 @@ let api = function Binance( options = {} ) {
         data.timestamp = new Date().getTime() + Binance.info.timeOffset;
         if ( typeof data.recvWindow === 'undefined' ) data.recvWindow = Binance.options.recvWindow;
         let query = method === 'POST' && noDataInSignature ? '' : makeQueryString( data );
-        let signature = crypto.createHmac( 'sha256', Binance.options.APISECRET ).update( query ).digest( 'hex' ); // set the HMAC hash header
+        let signature = crypto.createHmac( 'sha256', Binance.options.APISECRET ).update( encodeURIComponent(query) ).digest( 'hex' ); // set the HMAC hash header
         if ( method === 'POST' ) {
             let opt = reqObjPOST(
                 url,