Skip to content

Stop validating 'href' for incoming events
Compare
Choose a tag to compare
@marz619 marz619 released this 11 Sep 19:25
· 11 commits to master since this release
0.5.0
bcc3a8e

0.5.0 (2017-09-11) via #18

  • The href of incoming webhook events is no longer validated. Rejecting an
    event with an unexpected href value would simply have resulted in
    repeated attempts to deliver that event again.

  • Incoming webhooks with incorrect signatures will be rejected by default and
    an error will be logged. If you wish to accept webhooks with incorrect
    signatures (and simply log a warning), set HOOKED_FAIL_ON_BAD_SIGNATURE
    to False

    If you believe that your webhook receiver is incorrectly rejecting webhooks,
    please ensure that your webhook subscription is using the same application
    key as is defined in your webhook receiver's GAPI_APPLICATION_KEY
    setting.

  • Settings changes:

    • GAPI_API_ROOT is no longer used by django-gapi-hooked
    • HOOKED_FAIL_ON_BAD_SIGNATURE defaults to True instead of False
Assets 2
Loading