mirrors/webhook
1
0
Fork 0
mirror of https://github.com/adnanh/webhook.git synced 2025-10-04 13:41:03 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Never disclose expected payload signature

Browse source 
Fixes #85
This commit is contained in:
Cameron Moore 2016-08-25 12:00:46 -05:00
parent 54a9dbe1d6
commit 1219fe9859
2 changed files with 6 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
hook/hook.go
View file

@ -93,7 +93,7 @@ func CheckPayloadSignature(payload []byte, secret string, signature string) (str
expectedMAC := hex.EncodeToString(mac.Sum(nil))
if !hmac.Equal([]byte(signature), []byte(expectedMAC)) {
return expectedMAC, &SignatureError{expectedMAC}
return expectedMAC, &SignatureError{signature}
}
return expectedMAC, err
}