feat: add webhook bearer auth support#619

LinuxSuRen · 2025-02-11T12:19:23Z

We highly recommend you read the contributor's documentation before starting the review process especially since this is your first contribution to this project.

It was updated on 2024/5/27

What type of PR is this?

What this PR does / why we need it:

Which issue(s) this PR fixes:

Fixes #

github-actions · 2025-02-11T12:20:18Z

There are 1 test cases, failed count 0:

Name	Average	Max	Min	Count	Error
	9.886111ms	10.54519ms	9.396278ms	3	0

Reported by api-testing.

pkg/mock/in_memory.go

-		w.Write([]byte(err.Error()))
-	}
+    if err == nil {
+        w.Write(data)


To fix the reflected cross-site scripting vulnerability, we need to ensure that any user-controlled data is properly sanitized or escaped before being written to the HTTP response. In this case, we can use the html.EscapeString function from the html package to escape any potentially dangerous characters in the data variable before writing it to the response.

codacy-production · 2025-02-11T12:21:20Z

Coverage summary from Codacy

See diff coverage on Codacy

Coverage variation	Diff coverage
✅ +0.20% (target: -1.00%)	❌ 73.63% (target: 80.00%)

Coverage variation details

	Coverable lines	Covered lines	Coverage
Common ancestor commit (`430d912`)	18750	7841	41.82%
Head commit (`a89ce37`)	19087 (+337)	8020 (+179)	42.02% (+0.20%)

Coverage variation is the difference between the coverage for the head and common ancestor commits of the pull request branch: <coverage of head commit> - <coverage of common ancestor commit>

Diff coverage details

	Coverable lines	Covered lines	Diff coverage
Pull request (#619)	383	282	73.63%

Diff coverage is the percentage of lines that are covered by tests out of the coverable lines that the pull request added or modified: <covered lines added or modified>/<coverable lines added or modified> * 100%

See your quality gate settings Change summary preferences

_{Codacy stopped sending the deprecated coverage status on June 5th, 2024. Learn more}

pkg/mock/in_memory.go

…n/api-testing into feat/mock-webhook-auth

sonarqubecloud · 2025-02-15T02:43:33Z

Quality Gate failed

Failed conditions
1 Security Hotspot

See analysis details on SonarQube Cloud

feat: add webhook bearer auth support

4747515

LinuxSuRen added the enhancement New feature or request label Feb 11, 2025

github-advanced-security bot found potential problems Feb 11, 2025

View reviewed changes

add tpl func randFloat

7876940

LinuxSuRen requested a review from yuluo-yx as a code owner February 11, 2025 12:50

yuluo-yx reviewed Feb 12, 2025

View reviewed changes

pkg/mock/in_memory.go Show resolved Hide resolved

LinuxSuRen and others added 4 commits February 14, 2025 09:39

refactor run webhook

c3cf711

Merge branch 'feat/mock-webhook-auth' of https://github.com/linuxsure…

ef8123a

…n/api-testing into feat/mock-webhook-auth

add template func uptimeSeconds

8974df3

add random enum with weight feature

a89ce37

LinuxSuRen merged commit 4b4ee3a into master Feb 15, 2025
20 of 22 checks passed

LinuxSuRen deleted the feat/mock-webhook-auth branch February 15, 2025 06:54

@@ -40,2 +40,3 @@
                 "github.com/gorilla/mux"
+                "html"
             )
@@ -353,3 +354,4 @@
                 if err == nil {
-                    w.Write(data)
+                    escapedData := html.EscapeString(string(data))
+                    w.Write([]byte(escapedData))
                 } else {

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat: add webhook bearer auth support#619