Compare HMAC of request body with X-Hub-Signature header

logsol / Github-Auto-Deploy

a server that allows you to automatically deploy the latest version of your github project at each git push

http://logsol.github.com/Github-Auto-Deploy/

MIT License

575 stars 187 forks source link

Compare HMAC of request body with X-Hub-Signature header #21

Open charlie-s opened 10 years ago

charlie-s commented 10 years ago

I think it would be smart to generate the HMAC of the request body using the secret key that's set when configuring the webhook and compare it with the X-Hub-Signature header that GitHub sends in the request.

NiclasLindqvist commented 8 years ago

:+1: