schuetz3/schuetz3-erpnext
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(WooCommerce): always expect signature in webhook requests (#28367)

Browse Source 
(cherry picked from commit 24b048925b)

Co-authored-by: Sagar Vora <sagar@resilient.tech>
This commit is contained in:
mergify[bot]
2021-11-12 14:09:53 +05:30
committed by GitHub
parent 399c0a6452
commit 731f0d71b9
1 changed files with 1 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
erpnext/erpnext_integrations/connectors/woocommerce_connection.py
View File

@@ -22,8 +22,7 @@ def verify_request():
) )
if frappe.request.data and \ if frappe.request.data and \
frappe.get_request_header("X-Wc-Webhook-Signature") and \ not sig == frappe.get_request_header("X-Wc-Webhook-Signature", "").encode():
not sig == bytes(frappe.get_request_header("X-Wc-Webhook-Signature").encode()):
frappe.throw(_("Unverified Webhook Data")) frappe.throw(_("Unverified Webhook Data"))
frappe.set_user(woocommerce_settings.creation_user) frappe.set_user(woocommerce_settings.creation_user)