Skip to content

Fix url validation in webhook add/edit API #34492

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
May 17, 2025
Merged

Fix url validation in webhook add/edit API #34492

merged 2 commits into from
May 17, 2025

Conversation

lunny
Copy link
Member

@lunny lunny commented May 16, 2025

Fix #34491

@lunny lunny added type/bug backport/v1.24 This PR should be backported to Gitea 1.24 labels May 16, 2025
@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label May 16, 2025
@github-actions github-actions bot added modifies/api This PR adds API routes or modifies them modifies/go Pull requests that update Go code labels May 16, 2025
@lunny lunny mentioned this pull request May 16, 2025
Merged
@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels May 16, 2025
ChristopherHX
ChristopherHX approved these changes May 17, 2025
View reviewed changes
Copy link
Contributor

@ChristopherHX ChristopherHX left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Seems like edithook might be able to get more tests. At least I am now aware of an undetected bug from my side workflow_job can not be enabled via an edit api request (will follow up on this very soon).

@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels May 17, 2025
@techknowlogick techknowlogick enabled auto-merge (squash) May 17, 2025 19:40
@techknowlogick techknowlogick added the reviewed/wait-merge This pull request is part of the merge queue. It will be merged soon. label May 17, 2025
@techknowlogick techknowlogick merged commit 9723810 into go-gitea:main May 17, 2025
26 checks passed
@GiteaBot GiteaBot added this to the 1.25.0 milestone May 17, 2025
GiteaBot pushed a commit to GiteaBot/gitea that referenced this pull request May 17, 2025
@lunny @GiteaBot
Fix url validation in webhook add/edit API (go-gitea#34492)
7e2b114
@GiteaBot GiteaBot mentioned this pull request May 17, 2025
Merged
@GiteaBot GiteaBot added backport/done All backports for this PR have been created and removed reviewed/wait-merge This pull request is part of the merge queue. It will be merged soon. labels May 17, 2025
lunny added a commit that referenced this pull request May 17, 2025
@GiteaBot @lunny
Fix url validation in webhook add/edit API (#34492) (#34496)
8bf4f2c 
Backport #34492 by @lunny

Fix #34491

Co-authored-by: Lunny Xiao <[email protected]>
@lunny lunny deleted the lunny/fix_url_validation_webhook_api branch May 17, 2025 22:32
zjjhot added a commit to zjjhot/gitea that referenced this pull request May 19, 2025
@zjjhot
Merge remote-tracking branch 'giteaofficial/main'
94d765d 
* giteaofficial/main:
  [skip ci] Updated translations via Crowdin
  Fix edithook api can not update package, status and workflow_job events (go-gitea#34495)
  Fix url validation in webhook add/edit API (go-gitea#34492)
  Add R-HNF to the TRANSLATORS file (go-gitea#34494)
  Add missing setting load in dump-repo command (go-gitea#34479)
  nix flake update (go-gitea#34476)
  Fix get / delete runner to use consistent http 404 and 500 status (go-gitea#34480)
  Change "rejected" to "changes requested" in 3rd party PR review notification (go-gitea#34481)
  Add migrations tests (go-gitea#34456)
  Fix project board view (go-gitea#34470)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@techknowlogick techknowlogick techknowlogick approved these changes

@ChristopherHX ChristopherHX ChristopherHX approved these changes

Assignees
No one assigned
Labels
backport/done All backports for this PR have been created backport/v1.24 This PR should be backported to Gitea 1.24 lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. modifies/api This PR adds API routes or modifies them modifies/go Pull requests that update Go code type/bug
Projects
None yet
Milestone
1.25.0
Development

Successfully merging this pull request may close these issues.

Webhooks - API does not validate target URL
4 participants
@lunny @techknowlogick @ChristopherHX @GiteaBot