pep/cusku
1
0
Fork 0
Code Issues 3 Pull requests Projects Releases Packages Wiki Activity

Dissociate content-type and token check

Browse source 
Signed-off-by: Maxime “pep” Buquet <pep@bouah.net>
This commit is contained in:
Maxime “pep” Buquet 2024-07-04 03:16:58 +02:00
parent d73e149cb4
commit 0bf9f107b5
Signed by: pep
GPG key ID: DEDA74AEECA9D0F2
1 changed files with 7 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
src/web.rs
View file

@ -42,23 +42,19 @@ async fn webhooks_inner(req: Request<Incoming>, token: Option<&String>) -> Resul
_ => return Err(Error::MethodMismatch), _ => return Err(Error::MethodMismatch),
} }
if token.is_none() {
return Err(Error::InvalidToken);
}
let token: &str = token.unwrap();
debug!("Headers: {:?}", req.headers()); debug!("Headers: {:?}", req.headers());
let headers = req.headers(); let headers = req.headers();
if let Some(content_type) = headers.get(header::CONTENT_TYPE) if let Some(content_type) = headers.get(header::CONTENT_TYPE)
&& let Some(header_token) = headers.get("X-Gitlab-Token") && content_type != "application/json"
{ {
if content_type != "application/json" { return Err(Error::InvalidContentType);
return Err(Error::InvalidContentType); }
}
if header_token != token { if let Some(token) = token {
return Err(Error::InvalidToken); match headers.get("X-Gitlab-Token") {
Some(val) if val == token => (),
_ => return Err(Error::InvalidToken),
} }
} }