mirror of
1
Fork 0
Commit Graph

7 Commits

Author SHA1 Message Date
Cacciuc a31a6e3996
proper signature validation (#13523)
$header_signature could be a typed float (start with 0e and then only numbers) and a float does equal a string when comparing with typed juggle.
eg: 0e123 != "abc" does return false, but 0e123 !== "abc" returns true.

you previously could circumvent the signature check when providing a header signature in the float format (0e...)

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-11-13 13:28:15 -05:00
JustAnotherArchivist eced03db0a
Add deprecation notice for webhook payload's secret field (#13330) 2020-10-27 20:06:35 +00:00
James Lakin a9f4489bbc
System-wide webhooks (#10546)
* Create system webhook column (and migration)

* Create system webhook DB methods

Based on the default webhook ones

* Modify router to handle system webhooks and default ones

* Remove old unused admin nav template

* Adjust orgRepoCtx to differentiate system and default webhook URLs

* Assign IsSystemWebhook when creating webhooks

* Correctly use booleans for IsSystemWebhook

* Use system webhooks when preparing webhooks for payload

* Add UI and locale changes

* Use router params to differentiate admin hook pages

* Fix deleting admin webhooks and rename method

* Add clarity to webhook docs

* Revert "Remove old unused admin nav template"

This reverts commit 191a20a738.

* Rename WebHooksNewPost to GiteaHooksNewPost for clarity

* Reintroduce blank line lost during merge conflict

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-03-09 00:08:05 +02:00
8ctopus e270896a83 Doc updated list of supported webhooks and added example (#8388)
* Doc updated list of supported webhooks and added example

* Replaced webhook password verification by signature verification
2019-10-09 23:33:03 +01:00
Aidan Fitzgerald f5cf9a8355 Copyedit docs (#6275) 2019-03-09 16:15:45 -05:00
Michael Lustfield 3ee8be3849 General documentation cleanup (#3317)
* Clean up spelling, grammar, perspective, whitespace, language, markup, etc.
2018-01-08 23:48:42 +01:00
techknowlogick fb5c6b6444 Import docs into main repository (#2874)
* import docs into main repository

Signed-off-by: Matti Ranta <matti@mdranta.net>
2017-11-26 23:44:32 +02:00