Check content type and method

This commit is contained in:
Thorben Günther 2022-10-09 20:03:55 +02:00
parent d2243e3a13
commit 0bfa2cf7b9
No known key found for this signature in database
GPG key ID: 415CD778D8C5AFED

11
main.go
View file

@ -33,6 +33,17 @@ type alert struct {
func (rcv *receiver) handleWebhooks(w http.ResponseWriter, r *http.Request) { func (rcv *receiver) handleWebhooks(w http.ResponseWriter, r *http.Request) {
defer r.Body.Close() defer r.Body.Close()
if r.Method != http.MethodPost {
rcv.logger.Errorf("illegal HTTP method: expected %q, got %q", "POST", r.Method)
return
}
contentType := r.Header.Get("Content-Type")
if contentType != "application/json" {
rcv.logger.Errorf("illegal content type: %s", contentType)
return
}
var event payload var event payload
if err := json.NewDecoder(r.Body).Decode(&event); err != nil { if err := json.NewDecoder(r.Body).Decode(&event); err != nil {
rcv.logger.Error(err) rcv.logger.Error(err)