gitea: don't check webhook signature if not sent
old versions of gitea doesn't provide a webhook signature but just the secret in the payload TODO(sgotti) check the payload secret in this case
This commit is contained in:
parent
b3867fb7ca
commit
b8bdd096fe
|
@ -52,8 +52,9 @@ func (c *Client) ParseWebhook(r *http.Request, secret string) (*types.WebhookDat
|
|||
}
|
||||
|
||||
// verify signature
|
||||
if secret != "" {
|
||||
signature := r.Header.Get(signatureHeader)
|
||||
signature := r.Header.Get(signatureHeader)
|
||||
// old versions of gitea doesn't provide a signature
|
||||
if secret != "" && signature != "" {
|
||||
ds, err := hex.DecodeString(signature)
|
||||
if err != nil {
|
||||
return nil, errors.Errorf("wrong webhook signature")
|
||||
|
|
Loading…
Reference in New Issue