IntenseWebs/mattermost
3
0
Fork 0
mirror of https://github.com/mattermost/mattermost.git synced 2025-02-25 18:55:24 -06:00
Code Issues Packages Projects Releases Wiki Activity

MM-35344: Trust Requester for webhook endpoints (#19855)

Browse Source 
Without this, the endpoint throws CSRF warnings
if a token is passed.

https://mattermost.atlassian.net/browse/MM-35344

```release-note
NONE
```
This commit is contained in:
Agniva De Sarker
2022-03-29 14:42:29 +05:30
committed by GitHub
parent d33ef8d79c
commit 773ec991a8
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
web/webhook.go
View File

@@ -18,8 +18,8 @@ import (
)
func (w *Web) InitWebhooks() {
w.MainRouter.Handle("/hooks/commands/{id:[A-Za-z0-9]+}", w.NewHandler(commandWebhook)).Methods("POST")
w.MainRouter.Handle("/hooks/{id:[A-Za-z0-9]+}", w.NewHandler(incomingWebhook)).Methods("POST")
w.MainRouter.Handle("/hooks/commands/{id:[A-Za-z0-9]+}", w.APIHandlerTrustRequester(commandWebhook)).Methods("POST")
w.MainRouter.Handle("/hooks/{id:[A-Za-z0-9]+}", w.APIHandlerTrustRequester(incomingWebhook)).Methods("POST")
}
func incomingWebhook(c *Context, w http.ResponseWriter, r *http.Request) {