Open OlegKunitsyn opened 2 years ago
Inbound Parse API does not provide any security controls against a malicious sender.
https://github.com/sendgrid/sendgrid-php/blob/main/USAGE.md#create-a-parse-setting
A backward-compatibe and quick solution might be a Message Authentication Code sent via X-MAC header i.e a salted by the API key hash of the payload.
Issue Summary
Inbound Parse API does not provide any security controls against a malicious sender.
Steps to Reproduce
https://github.com/sendgrid/sendgrid-php/blob/main/USAGE.md#create-a-parse-setting
Technical Details
A backward-compatibe and quick solution might be a Message Authentication Code sent via X-MAC header i.e a salted by the API key hash of the payload.
References