From e81fdae1ade9eee3cf36c4a785352a479f2eb241 Mon Sep 17 00:00:00 2001 From: Boris Kolpackov Date: Mon, 13 May 2024 13:28:42 +0200 Subject: Review --- mod/mod-ci-github.cxx | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) (limited to 'mod/mod-ci-github.cxx') diff --git a/mod/mod-ci-github.cxx b/mod/mod-ci-github.cxx index a99e516..ce2e4ec 100644 --- a/mod/mod-ci-github.cxx +++ b/mod/mod-ci-github.cxx @@ -34,7 +34,7 @@ // // - Pull requests. Handle // -// - Choose strong webhook secret +// - Choose strong webhook secret (when deploying). // // - Check that delivery UUID has not been received before (replay attack). // @@ -115,6 +115,7 @@ namespace brep // string event; // Webhook event. string hmac; // Received HMAC. + try { bool content_type (false); @@ -181,6 +182,11 @@ namespace brep if (hmac.empty ()) throw invalid_request (400, "missing x-hub-signature-256 header"); } + catch (const invalid_request& e) + { + error << "request header error: " << e.content; + throw; + } // Read the entire request body into a buffer because we need to compute // an HMAC over it and then parse it as JSON. The alternative of reading @@ -535,7 +541,10 @@ namespace brep // warn << "check run " << bid << ": unexpected rebuild"; } - else {} // Ignore interrupted. + else + { + // Ignore interrupted. + } } else { @@ -678,7 +687,10 @@ namespace brep cr = move (*scr); cr->state_synced = false; } - else {} // Network error during queued notification, ignore. + else + { + // Network error during queued notification, ignore. + } } else warn << "check run " << bid << ": out of order building " -- cgit v1.1