cursorius/webhooks
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #25 from lukepatrick/v3

Browse Source 
Update bitbucket uuid check to allow a non-specified uuid, similar to…
This commit is contained in:
Dean Karn
2018-02-23 05:10:58 -08:00
committed by GitHub
parent 3667088d60 0c4911f7f5
commit c271ec3e32
1 changed files with 8 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
bitbucket/bitbucket.go
+8 -4
View File
@@ -80,10 +80,14 @@ func (hook Webhook) ParsePayload(w http.ResponseWriter, r *http.Request) {
}
webhooks.DefaultLog.Debug(fmt.Sprintf("X-Hook-UUID:%s", uuid))
if uuid != hook.uuid {
webhooks.DefaultLog.Error(fmt.Sprintf("X-Hook-UUID does not match configured uuid of %s", hook.uuid))
http.Error(w, "403 Forbidden - X-Hook-UUID does not match", http.StatusForbidden)
return
if len(hook.uuid) > 0 {
if uuid != hook.uuid {
webhooks.DefaultLog.Error(fmt.Sprintf("X-Hook-UUID %s does not match configured uuid of %s", uuid, hook.uuid))
http.Error(w, "403 Forbidden - X-Hook-UUID does not match", http.StatusForbidden)
return
}
} else {
webhooks.DefaultLog.Debug("hook uuid not defined - recommend setting for improved security")
}
event := r.Header.Get("X-Event-Key")