Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Opencve 2.0 does not add headers to webhook #416

Open
MalfuncEddie opened this issue Sep 13, 2024 · 1 comment
Open

Opencve 2.0 does not add headers to webhook #416

MalfuncEddie opened this issue Sep 13, 2024 · 1 comment
Labels
bug Something isn't working v2 This issues will be fixed in OpenCVE v2

Comments

@MalfuncEddie
Copy link

MalfuncEddie commented Sep 13, 2024
edited
Loading

Expected Behavior

added

{"Content-Type": "application/json", "X-Token": "xxxxx"}

in gui

{
    "timestamp": "2024-09-13 09:04:54.989189",
    "headers": {
        "Host": "172.31.4.66:5000",
        "Accept": "*/*",
        "Accept-Encoding": "gzip, deflate",
        "User-Agent": "Python/3.11 aiohttp/3.9.3",
        "Content-Length": "3401",
        "Content-Type": "application/json",
        "X-Token": "xxxxx",
    },
    "payload": {
     ...
        "changes": [
...

Actual Behavior

header X-Token is missing

{
    "timestamp": "2024-09-13 09:04:54.989189",
    "headers": {
        "Host": "172.31.4.66:5000",
        "Accept": "*/*",
        "Accept-Encoding": "gzip, deflate",
        "User-Agent": "Python/3.11 aiohttp/3.9.3",
        "Content-Length": "3401",
        "Content-Type": "application/json"

    },
    "payload": {
     ...
        "changes": [
...

Steps to Reproduce the Problem

  • add headers in gui and set the webhook to (http://ip/webhook)
  • create script (pip install flask)
  • run script
  • trigger notification
from flask import Flask, request
import json
import os
from datetime import datetime

app = Flask(__name__)

# Define the path to store the dumped data
LOG_FILE = 'webhook_debug.log'

def dump_to_file(data):
    with open(LOG_FILE, 'a') as f:
        f.write(f"{data}\n\n")

@app.route('/webhook', methods=['POST'])
def webhook():
    # Get the headers
    headers = dict(request.headers)

    # Get the JSON payload (or raw data if needed)
    try:
        payload = request.get_json()
    except Exception as e:
        payload = request.data.decode('utf-8')

    # Prepare the dump content
    dump_content = {
        "timestamp": str(datetime.now()),
        "headers": headers,
        "payload": payload
    }

    # Write to file for debugging purposes
    dump_to_file(json.dumps(dump_content, indent=4))

    # Respond to the webhook request
    return 'Webhook received and logged', 200


if __name__ == '__main__':
    # Run the Flask server
    app.run(host='0.0.0.0', port=5000)

Specifications

  • OpenCVE version: v2 branch
  • Python version: (what is in the docker image
  • Platform: Ubuntu

Screenshots (optional)
@MalfuncEddie
Copy link
Author

scheduler\dags\includes\notifiers.py

adding self.headers = self.config.get("extras").get("headers")

class WebhookNotifier(BaseNotifier):
    type = "webhook"

    def __init__(self, *args, **kwargs):
        super().__init__(self, *args, **kwargs)
        self.url = self.config.get("extras").get("url")
        self.headers = self.config.get("extras").get("headers")

and headers=self.headers,



        try:
            async with self.session.post(
                self.url,
                json=self.prepare_payload(),
                timeout=self.request_timeout,
                headers=self.headers,
            ) as response:
                json_response = await response.json()
                status_code = response.status

solves it

@ncrocfer ncrocfer added bug Something isn't working v2 This issues will be fixed in OpenCVE v2 labels Sep 13, 2024
@ncrocfer ncrocfer mentioned this issue Oct 12, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working v2 This issues will be fixed in OpenCVE v2
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ncrocfer @MalfuncEddie