Skip to content

Node SDK webhook handler #47

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
cb-karthikp wants to merge 10 commits into
base: main
Choose a base branch
from
Open

Node SDK webhook handler #47

cb-karthikp wants to merge 10 commits into from

Conversation

@cb-karthikp
Copy link
Contributor

@cb-karthikp cb-karthikp commented Nov 24, 2025

  • Event handler and types for webhook events.

@snyk-io
Copy link

snyk-io bot commented Nov 24, 2025
edited
Loading

Snyk checks have passed. No issues have been found so far.

Status Scanner Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues
Licenses 0 0 0 0 0 issues
Code Security 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

cursor[bot]
cursor bot reviewed Nov 24, 2025
View reviewed changes
src/main/resources/templates/node/webhook_auth.ts.hbs Outdated

const credentials = Buffer.from(parts[1], 'base64').toString().split(':');
if (credentials.length !== 2) {
throw new Error("Invalid credentials");
Copy link

@cursor cursor bot Nov 24, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bug: Password with colon rejected in Basic Auth

The Basic Auth parser splits credentials on all colons instead of only the first one. Per RFC 7617, passwords can contain colons, but split(':') creates multiple array elements when this happens. The subsequent check credentials.length !== 2 then incorrectly rejects valid credentials where the password contains a colon character.

Fix in Cursor Fix in Web

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cursor cursor[bot] cursor[bot] left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@cb-karthikp