nsinnovations/erpnext
2
0
Fork 0
mirror of https://github.com/frappe/erpnext.git synced 2026-05-07 15:25:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: validate hmac unconditionally (#28375)

Browse Source 
(cherry picked from commit c0f06bc8e3)

Co-authored-by: Ankush Menat <ankush@frappe.io>
This commit is contained in:
mergify[bot]
2021-11-12 14:53:51 +05:30
committed by GitHub
parent f79651c54d
commit d2af2b31e5
1 changed files with 0 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
erpnext/erpnext_integrations/utils.py
View File

@@ -18,7 +18,6 @@ def validate_webhooks_request(doctype, hmac_key, secret_key='secret'):
)
if frappe.request.data and \
frappe.get_request_header(hmac_key) and \
not sig == bytes(frappe.get_request_header(hmac_key).encode()):
frappe.throw(_("Unverified Webhook Data"))
frappe.set_user(settings.modified_by)