We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
djangoproject.com/fundraising/views.py
Lines 196 to 201 in 5537f96
The Stripe library already has a method to do this https://docs.stripe.com/webhooks?lang=python#verify-webhook-signatures-with-official-libraries
The text was updated successfully, but these errors were encountered:
Fixed django#1765 -- Actually validate signature of stripe webook req…
b3ce2eb
…uests
@alexgmin I've opened a PR for this: #1770
Does that seem ok to you?
Sorry, something went wrong.
No branches or pull requests
djangoproject.com/fundraising/views.py
Lines 196 to 201 in 5537f96
Instead of calling Stripe with the event id it should verify the source of the event and prevent replay attacks as indicated here
https://docs.stripe.com/webhooks#verify-events
The Stripe library already has a method to do this https://docs.stripe.com/webhooks?lang=python#verify-webhook-signatures-with-official-libraries
The text was updated successfully, but these errors were encountered: