Ghost/ghost/admin/app/validators
Georg Grauberger 36d9ae36ae
Added secret handling for webhooks (#13980)
closes: https://github.com/TryGhost/Team/issues/1203
refs: https://github.com/TryGhost/Ghost/issues/9942

- Ensures that the webhook secret is validated and saved in Ghost admin
- Then makes use of this value by optionally adding an X-Ghost-Signature header that effectively signs the webhooks
- This allows for verifying the source of a webhook coming from Ghost is truly Ghost.
- Uses the same pattern as GitHub uses: https://docs.github.com/en/developers/webhooks-and-events/webhooks/securing-your-webhooks

Co-authored-by: Hannah Wolfe <github.erisds@gmail.com>
2022-08-23 16:34:32 +01:00
..
mixins Update dependency eslint-plugin-ghost to v2.14.0 (#2441) 2022-08-03 12:21:16 +01:00
base.js Refactored usage of .get('property') with es5 getters 2019-03-06 13:54:14 +00:00
custom-view.js Added default and custom post views (filters) to the admin sidebar (#1474) 2020-01-30 15:35:36 +00:00
integration.js Switch from embor-browserify to ember-auto-import 2019-01-22 13:09:38 +00:00
invite-user.js Switch from embor-browserify to ember-auto-import 2019-01-22 13:09:38 +00:00
label.js Added labels for Members (#1477) 2020-02-14 15:04:01 +05:30
member.js Fixed incorrect validation when member's name is too long 2020-05-11 11:40:38 +01:00
nav-item.js Switch from embor-browserify to ember-auto-import 2019-01-22 13:09:38 +00:00
new-user.js Switch from embor-browserify to ember-auto-import 2019-01-22 13:09:38 +00:00
newsletter.js Updated newsletter management for switch to nullable sender_name 2022-04-15 09:43:22 +01:00
offer.js Updated error message 2022-08-17 21:27:02 +02:00
post.js Fixed scheduled publishedAt validation being triggered unexpectedly 2022-05-19 23:11:01 +01:00
reset.js Switch from embor-browserify to ember-auto-import 2019-01-22 13:09:38 +00:00
setting.js Refactored to use individual slack settings (#2384) 2022-05-16 11:38:32 +01:00
setup.js Updated error copy on setup page 2022-03-08 20:23:55 +00:00
signin.js Refactored usage of .get('property') with es5 getters 2019-03-06 13:54:14 +00:00
signup.js Update package.json details, rename module to ghost-admin 2016-06-03 16:12:54 +01:00
snippet.js Added max length validation to snippet's name field 2020-10-16 19:22:09 +01:00
subscriber.js Switch from embor-browserify to ember-auto-import 2019-01-22 13:09:38 +00:00
tag-settings.js Switch from embor-browserify to ember-auto-import 2019-01-22 13:09:38 +00:00
tier-benefit-item.js Renamed products to tiers (#2372) 2022-05-11 22:41:54 +05:30
tier.js Renamed products to tiers (#2372) 2022-05-11 22:41:54 +05:30
user.js Switch from embor-browserify to ember-auto-import 2019-01-22 13:09:38 +00:00
webhook.js Added secret handling for webhooks (#13980) 2022-08-23 16:34:32 +01:00