search

trilbymedia / grav-plugin-git-sync

Collaboratively Synchronize your Grav `user` folder hosted on GitHub, BitBucket or GitLab
Apache License 2.0
240 stars 58 forks source link

Add authorization checking for Gitea webhooks #149

Closed aisbergg closed 4 years ago

aisbergg commented 4 years ago

Add authorization checking for Gitea webhooks.

The webhooks of Gitea and Gogs include the secret inside the json payload (see https://docs.gitea.io/en-us/webhooks/ ). All the PR does is decode the json and compare the given secret with the stored webhook secret.

w00fz commented 4 years ago

Not sure how I missed this. Thanks!