TRKJ/gitea
2
0
Fork 0
mirror of https://gitee.com/gitea/gitea synced 2025-11-04 16:40:24 +08:00
Code Issues Packages Projects Releases Wiki Activity

Add sensitive headers (#3429)

Browse Source 
* Add HeaderWithSensitiveCase methods to respect casing

* Update webhook.go
This commit is contained in:
Antoine GIRARD
2018-01-30 23:09:16 +01:00
committed by Lauris BH
parent d09704e903
commit b3fd94c13d
2 changed files with 8 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
models/webhook.go
View File

@@ -588,8 +588,8 @@ func (t *HookTask) deliver() {
Header("X-Gitea-Event", string(t.EventType)). Header("X-Gitea-Event", string(t.EventType)).
Header("X-Gogs-Delivery", t.UUID). Header("X-Gogs-Delivery", t.UUID).
Header("X-Gogs-Event", string(t.EventType)). Header("X-Gogs-Event", string(t.EventType)).
Header("X-GitHub-Delivery", t.UUID). HeaderWithSensitiveCase("X-GitHub-Delivery", t.UUID).
Header("X-GitHub-Event", string(t.EventType)). HeaderWithSensitiveCase("X-GitHub-Event", string(t.EventType)).
SetTLSClientConfig(&tls.Config{InsecureSkipVerify: setting.Webhook.SkipTLSVerify}) SetTLSClientConfig(&tls.Config{InsecureSkipVerify: setting.Webhook.SkipTLSVerify})
switch t.ContentType { switch t.ContentType {

6
modules/httplib/httplib.go
View File

@@ -164,6 +164,12 @@ func (r *Request) Header(key, value string) *Request {
return r return r
} }
// HeaderWithSensitiveCase add header item in request and keep the case of the header key.
func (r *Request) HeaderWithSensitiveCase(key, value string) *Request {
r.req.Header[key] = []string{value}
return r
}
// Headers returns headers in request. // Headers returns headers in request.
func (r *Request) Headers() http.Header { func (r *Request) Headers() http.Header {
return r.req.Header return r.req.Header