mirrors/webhook
1
0
Fork 0
mirror of https://github.com/adnanh/webhook.git synced 2025-06-27 14:58:31 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
409 commits 8 branches 32 tags 12 MiB
Commit graph

409 commits

This branch
This branch
All branches
Author SHA1 Message Date
Cameron Moore
a03e812615 Update HTTP methods to sanitize user input 2019-12-26 14:54:27 -06:00
Cameron Moore
c38778ba62 Add HTTP methods cli parameter 
Allows to globally restrict HTTP methods.

Fixes #248
 2019-12-26 14:54:27 -06:00
Cameron Moore
3414f34025 Add per-hook HTTP method restrictions 2019-12-26 14:54:01 -06:00
Adnan Hajdarević
66562fdb41
Merge pull request #379 from moorereason/feature/drop-privs 
Add setuid and setgid options for dropping privileges
 2019-12-26 20:48:07 +01:00
Cameron Moore
77159d9db6 Add setuid & setgid options 
Only applicable on unix systems, although Go doesn't support Linux at
this time.
 2019-12-26 10:30:31 -06:00
Cameron Moore
35d1cedc24 Rewrite server to use explicit listener 2019-12-26 10:29:14 -06:00
Adnan Hajdarević
f38dfbbf78
Merge pull request #373 from moorereason/feature/multipart 
Add multipart form data support
 2019-12-26 12:46:31 +01:00
Adnan Hajdarević
78b0610218
Merge pull request #378 from moorereason/feature/sighup 
Add SIGHUP support
 2019-12-26 12:46:12 +01:00
Cameron Moore
c6c270c7dd Add SIGHUP support 
Fixes #352
 2019-12-25 14:10:57 -06:00
Cameron Moore
1c779a0d75 Update multipart form data logic 
All form values are simply added to the payload map without processing.
JSON parsing of values happens later.
 2019-12-25 09:08:23 -06:00
Cameron Moore
8702b37430 Add multipart form data examples 2019-12-25 09:05:15 -06:00
Cameron Moore
5b4e60e7d7 Add multipart form data section to README 2019-12-25 09:05:15 -06:00
Cameron Moore
93632d077c Add multipart form data support 2019-12-25 09:05:15 -06:00
Adnan Hajdarević
cc5cbae14f
Merge pull request #376 from moorereason/feature/xml 
Add XML payload support
 2019-12-25 08:32:09 +01:00
Cameron Moore
779ff0ad10 Fix XML error message 2019-12-24 19:47:21 -06:00
Adnan Hajdarević
d8bd2662ff
Merge pull request #375 from moorereason/feature/gorilla-only 
Use gorilla/mux for middleware and extend
 2019-12-24 23:21:01 +01:00
Cameron Moore
28e0012470 Update XML docs 2019-12-24 16:09:55 -06:00
Cameron Moore
3463804a7c Add XML payload support 
Fixes #238
 2019-12-24 15:58:49 -06:00
Cameron Moore
3f4520da67 Require Go 1.13+ 2019-12-24 14:56:01 -06:00
Cameron Moore
be815d0a41 Use gorilla/mux for middleware and extend 
- Use gorilla/mux for middleware.
- Add Dumper, RequestID, and Logger middlewares.
- Add makeURL helper
 2019-12-24 11:57:26 -06:00
Adnan Hajdarević
93ce24d3f3
Merge pull request #371 from moorereason/feature/internal-hook 
Make hook package internal
 2019-12-23 09:34:48 +01:00
Cameron Moore
40d9dcd6d4 Make hook package internal 
The hook package API is not meant for public consumption.
 2019-12-21 11:55:42 -06:00
Adnan Hajdarević
c872aae7e8
Merge pull request #369 from moorereason/feature/gofrs-uuid 
Use gofrs/uuid instead of satori/go.uuid
 2019-12-19 07:52:43 +01:00
Cameron Moore
8ff3848ea3 Use gofrs/uuid instead of satori/go.uuid 
The satori package appears to be unmaintained.  The gofrs package is a
fork that is actively maintained by a larger group of Go developers.
 2019-12-18 21:17:13 -06:00
Adnan Hajdarević
7b87d6092f
Merge pull request #368 from moorereason/feature/go-mod 
Use Go modules
 2019-12-18 10:52:56 +01:00
Cameron Moore
669414ca70 Use Go modules 
Fixes #367
 2019-12-17 12:34:59 -06:00
Adnan Hajdarevic
8fe6c9a05d Update version to 2.6.11 2019-12-15 14:30:54 +01:00
Adnan Hajdarević
7c4e6e94fc
Merge pull request #365 from moorereason/feature/364-constant-time 
Use constant time string compare for match value
 2019-12-11 07:06:12 +01:00
Cameron Moore
31e76bcd00 Use constant time string compare for match value 
Fixes #364
 2019-12-10 22:22:13 -06:00
Adnan Hajdarević
c47c06e822
Merge pull request #363 from moorereason/feature/arm64-travisci 
Add arm64 to Travis CI
 2019-12-10 00:23:38 +01:00
Cameron Moore
bf3d042da6 Use master instead of tip 2019-12-09 16:57:55 -06:00
Cameron Moore
d05911cdcb Add arm64 to Travis CI 2019-12-09 16:50:19 -06:00
Adnan Hajdarević
634ca84807
Merge pull request #362 from moorereason/feature/cipher-suites 
Feature/cipher suites
 2019-12-09 21:52:25 +01:00
Cameron Moore
8c46a8343b Document minimum Go release 2019-12-05 17:01:38 -06:00
Cameron Moore
13d5630e80 Update docs for TLS version and cipher suite options 2019-12-03 21:36:14 -06:00
Cameron Moore
f1003560f1 Add list cipher suites support 2019-12-03 21:35:16 -06:00
Cameron Moore
997db04b9f Require Go 1.12 or newer 
Go 1.11 does not support TLS 1.3.  To simplify cipher suite selection,
we now require at least Go 1.12.
 2019-12-03 21:31:23 -06:00
Cameron Moore
769e743563 Add missing files 2019-12-03 15:21:18 -06:00
Cameron Moore
43f519a712 Add TLS version and cipher suites options 
Default to TLS 1.2 and secure cipher suites.

Built for Go 1.13. Code in cipher_suites.go taken from Go tip commit
0ee22d9, which is scheduled for the upcoming Go 1.14 release.  Once Go
1.14 is released, we can remove this file and use the stdlib.

Fixes #244
 2019-12-03 15:13:12 -06:00
Adnan Hajdarević
a617b1a6ac
Merge pull request #361 from adnanh/feature/check-payload-hash-sha512 
Add SHA512 payload check rule
 2019-12-02 22:34:07 +01:00
Adnan Hajdarević
9117f4f6d6
Merge pull request #360 from adnanh/improvement/content-type-based-payload-parsing 
Fix invalid assumption that multipart forms can be parsed in te same way as urlencoded forms.
 2019-12-02 22:33:45 +01:00
Adnan Hajdarevic
b53996f175 Add tests for SHA512 payload hash check rule. 2019-12-02 19:49:56 +01:00
Adnan Hajdarevic
154177e46a Add documentation for SHA512 payload hash check rule. 2019-12-02 19:49:34 +01:00
Adnan Hajdarevic
d4e98281d7 Add SHA512 payload check rule. 2019-12-02 19:48:59 +01:00
Adnan Hajdarevic
ce186487f4 Format the file using go fmt. 2019-12-02 19:03:38 +01:00
Adnan Hajdarevic
1110f82443 Add test for unsupported content type error message. 2019-12-02 19:01:20 +01:00
Adnan Hajdarevic
a99abd4e6f Fix invalid assumption in code that multipart forms can be parsed in the same way as urlencoded forms. 
Refactored code to use switch-case statement over the `Content-Type` header and log unsupported content types instead of silently failing.
Also made the `x-www-form-urlencoded` content type handler more specific (as opposed to the previous code which looked for `form` occurence in the value),
as we need to use different logic for multipart forms, which we'll hopefully implement soon.

The issue with multipart forms that we have to handle first is that the files are being written to temporary files, and as such, for async hooks
webhook cannot guarantee they'll be available after we close the request; that, and the fact that we don't have code that will properly serialize
and pass such Golang objects to the script, as there are several fields which might be interesting to the end user.
 2019-12-02 18:49:24 +01:00
Adnan Hajdarevic
34ae132930 Bump webhook version to 2.6.10 2019-09-24 19:45:40 +02:00
Adnan Hajdarevic
f993aaa11c Merge branch 'master' into development 2019-09-24 19:35:31 +02:00
Adnan Hajdarević
d82e838554
Merge pull request #342 from moorereason/doc-content-type 
Document incoming-payload-content-type hook setting
 2019-09-21 11:50:46 +02:00