usmannasir
2025-07-03 17:35:26 +05:00
parent eb0b01d8b1
commit a3d1b0d132


@@ -35,8 +35,12 @@ class secMiddleware:
logging.writeToFile(f'Path vs the final url : {pathActual}') logging.writeToFile(f'Path vs the final url : {pathActual}')
logging.writeToFile(FinalURL) logging.writeToFile(FinalURL)
# Define webhook pattern for secure matching
import re
webhook_pattern = re.compile(r'^/websites/[^/]+/(webhook|gitNotify)/?$')
if pathActual == "/backup/localInitiate" or pathActual == '/' or pathActual == '/verifyLogin' or pathActual == '/logout' or pathActual.startswith('/api')\ if pathActual == "/backup/localInitiate" or pathActual == '/' or pathActual == '/verifyLogin' or pathActual == '/logout' or pathActual.startswith('/api')\
or pathActual.endswith('/webhook') or pathActual.startswith('/cloudAPI') or pathActual.endswith('/gitNotify'): or webhook_pattern.match(pathActual) or pathActual.startswith('/cloudAPI'):
pass pass
else: else:
if os.path.exists(ProcessUtilities.debugPath): if os.path.exists(ProcessUtilities.debugPath):
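Review bot: The allow-list pattern introduced at the top of this hunk uses `$` as its end anchor, and in Python `$` also matches just before a trailing newline, so the pattern is slightly looser than it reads; use `\Z` or `fullmatch`, e.g. `WEBHOOK_PATTERN = re.compile(r'^/websites/[^/]+/(webhook|gitNotify)/?\Z')`. The `import re` and the `re.compile` also sit inside what appears to be the per-request method of secMiddleware (the method starts and ends outside the hunk), so the pattern is rebuilt on every request and only exists as a local; hoisting it to a module-level constant lets both the URL check here and the body-scan early return in the second hunk (`if webhook_pattern.match(pathActual): ... return response`) share one definition, and the comment `# Use the same webhook pattern defined above` in that hunk becomes unnecessary. Since that early return skips JSON parsing and every later check in the middleware for matching paths, a one-line comment above it stating that these endpoints are unauthenticated by design and are expected to verify their own payloads would record why the bypass is acceptable.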
@@ -102,6 +106,13 @@ class secMiddleware:
logging.writeToFile('Request body detected.. scanning') logging.writeToFile('Request body detected.. scanning')
logging.writeToFile(str(request.body)) logging.writeToFile(str(request.body))
# Skip validation entirely for webhook endpoints
# Webhook URLs are: /websites/<domain>/webhook or /websites/<domain>/gitNotify
# Use the same webhook pattern defined above
if webhook_pattern.match(pathActual):
response = self.get_response(request)
return response
# logging.writeToFile(request.body) # logging.writeToFile(request.body)
try: try:
data = json.loads(request.body) data = json.loads(request.body)
@@ -115,9 +126,6 @@ class secMiddleware:
logging.writeToFile(f'Key being scanned {str(key)}') logging.writeToFile(f'Key being scanned {str(key)}')
logging.writeToFile(f'Value being scanned {str(value)}') logging.writeToFile(f'Value being scanned {str(value)}')
if pathActual.find('gitNotify') > -1 or pathActual.endswith('/webhook') or pathActual.endswith('/gitNotify'):
break
# Skip validation for ports key to allow port ranges with colons # Skip validation for ports key to allow port ranges with colons
if key == 'ports': if key == 'ports':
continue continue