Commit afb202b
committed
fix: Enforce mandatory webhook secret for GitLab validation
Enforced strict validation to require both the X-Gitlab-Token header
and a configured webhook secret. This prevented unauthenticated
requests that were previously accepted when both values were empty.
Signed-off-by: Chmouel Boudjnah <chmouel@redhat.com>1 parent 798eba6 commit afb202b
2 files changed
Lines changed: 28 additions & 14 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
137 | 137 | | |
138 | 138 | | |
139 | 139 | | |
140 | | - | |
141 | | - | |
| 140 | + | |
| 141 | + | |
| 142 | + | |
| 143 | + | |
| 144 | + | |
| 145 | + | |
142 | 146 | | |
143 | 147 | | |
144 | 148 | | |
145 | | - | |
| 149 | + | |
146 | 150 | | |
147 | 151 | | |
148 | 152 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1083 | 1083 | | |
1084 | 1084 | | |
1085 | 1085 | | |
1086 | | - | |
| 1086 | + | |
1087 | 1087 | | |
1088 | 1088 | | |
1089 | 1089 | | |
1090 | 1090 | | |
1091 | | - | |
1092 | | - | |
| 1091 | + | |
| 1092 | + | |
1093 | 1093 | | |
1094 | 1094 | | |
1095 | 1095 | | |
1096 | 1096 | | |
1097 | | - | |
1098 | | - | |
| 1097 | + | |
| 1098 | + | |
1099 | 1099 | | |
1100 | 1100 | | |
1101 | 1101 | | |
1102 | 1102 | | |
1103 | | - | |
1104 | | - | |
| 1103 | + | |
| 1104 | + | |
1105 | 1105 | | |
1106 | 1106 | | |
1107 | 1107 | | |
1108 | 1108 | | |
1109 | | - | |
1110 | | - | |
| 1109 | + | |
| 1110 | + | |
1111 | 1111 | | |
1112 | 1112 | | |
1113 | 1113 | | |
| 1114 | + | |
| 1115 | + | |
| 1116 | + | |
| 1117 | + | |
| 1118 | + | |
| 1119 | + | |
1114 | 1120 | | |
1115 | 1121 | | |
1116 | 1122 | | |
| |||
1127 | 1133 | | |
1128 | 1134 | | |
1129 | 1135 | | |
1130 | | - | |
1131 | | - | |
| 1136 | + | |
| 1137 | + | |
| 1138 | + | |
| 1139 | + | |
| 1140 | + | |
| 1141 | + | |
1132 | 1142 | | |
1133 | 1143 | | |
1134 | 1144 | | |
| |||
0 commit comments