summaryrefslogtreecommitdiff
path: root/src/server/api/service/github.ts
diff options
context:
space:
mode:
Diffstat (limited to 'src/server/api/service/github.ts')
-rw-r--r--src/server/api/service/github.ts8
1 files changed, 6 insertions, 2 deletions
diff --git a/src/server/api/service/github.ts b/src/server/api/service/github.ts
index ee226cc5cc..cd9760a36d 100644
--- a/src/server/api/service/github.ts
+++ b/src/server/api/service/github.ts
@@ -35,10 +35,14 @@ if (config.github_bot != null) {
const secret = config.github_bot.hook_secret;
router.post('/hooks/github', ctx => {
+ const body = JSON.stringify(ctx.request.body);
+ const hash = crypto.createHmac('sha1', secret).update(body).digest('hex');
const sig1 = new Buffer(ctx.headers['x-hub-signature']);
- const sig2 = new Buffer(`sha1=${crypto.createHmac('sha1', secret).update(JSON.stringify(ctx.body)).digest('hex')}`);
+ const sig2 = new Buffer(`sha1=${hash}`);
+
+ // シグネチャ比較
if (sig1.equals(sig2)) {
- handler.emit(ctx.headers['x-github-event'], ctx.body);
+ handler.emit(ctx.headers['x-github-event'], ctx.request.body);
ctx.status = 204;
} else {
ctx.status = 400;
generated by cgit v1.2.3-freya (git 2.53.0.84.g453e7b744a) at 2026-03-03 23:26:13 +0000