Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(Github Trigger Node): Enforce SSL validation by default #8265

Merged
merged 2 commits into from
Jan 9, 2024
Merged

Conversation

netroy
Copy link
Member

@netroy netroy commented Jan 8, 2024

Github webhooks in n8n currently do not validate n8n host's SSL certificate, and that can be security issue.
This PR adds and option to allow disable the certificate validation during the webhook creation, but the option is false by default.

Related tickets and issues

Fixes #8263

Review / Merge checklist

  • PR title and summary are descriptive

@netroy netroy added the security label Jan 8, 2024
@n8n-assistant n8n-assistant bot added n8n team Authored by the n8n team node/improvement New feature or request labels Jan 8, 2024
Copy link
Contributor

github-actions bot commented Jan 8, 2024

✅ All Cypress E2E specs passed

Copy link

cypress bot commented Jan 8, 2024

3 flaky tests on run #3653 ↗︎

0 330 5 0 Flakiness 3

Details:

🌳 🖥️ browsers:node18.12.0-chrome107 🤖 netroy 🗃️ e2e/*
Project: n8n Commit: 9faeb15485
Status: Passed Duration: 07:03 💡
Started: Jan 8, 2024 7:03 PM Ended: Jan 8, 2024 7:10 PM
Flakiness  17-sharing.cy.ts • 1 flaky test

View Output Video

Test Artifacts
Sharing > should work for admin role on credentials created by others (also can share it with themselves) Screenshots Video
Flakiness  24-ndv-paired-item.cy.ts • 1 flaky test

View Output Video

Test Artifacts
NDV > resolves expression with default item when input node is not parent, while still pairing items Screenshots Video
Flakiness  29-templates.cy.ts • 1 flaky test

View Output Video

Test Artifacts
Templates > should save template id with the workflow Screenshots Video

Review all test suite changes for PR #8265 ↗︎

@netroy netroy merged commit 1387541 into master Jan 9, 2024
19 checks passed
@netroy netroy deleted the fix-8263 branch January 9, 2024 10:34
MiloradFilipovic added a commit that referenced this pull request Jan 10, 2024
* master:
  ci: Validate docs urls for langchain nodes as well (no-changelog) (#8271)
  fix: Small ui fixes to workflow cred setup modal (no-changelog) (#8280)
  fix: Fix issue with API key being required for the Qdrant Node (#8237)
  feat(Coda Node): Add User-Agent for requests to Coda (no-changelog) (#7771)
  fix(FTP Node): FTP connection failed due to missing password credential in node (#8131)
  ci: Fix lint setup in `chat` package (no-changelog) (#8275)
  ci: Fix codecov reporting, and include all packages (no-changelog) (#8276)
  fix(core): Fix test webhook deregistration (#8247)
  docs: Update links in deprecated langchain nodes to avoid linting errors (no-changelog) (#8273)
  fix: Fix user reinvites on FE and BE (#8261)
  docs: Update primaryDocumentation urls for nodes updated in #7651 (no-changelog) (#8270)
  feat: Add Chat Trigger node (#7409)
  fix(Github Trigger Node): Enforce SSL validation by default (#8265)
  fix(editor): Tweaking button sizes in execution preview (#8206)
  fix(core): Avoid wrapping `ExecutionBaseError` to prevent misreporting to Sentry (no-changelog) (#8262)
@github-actions github-actions bot mentioned this pull request Jan 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
n8n team Authored by the n8n team node/improvement New feature or request security
Projects
None yet
Development

Successfully merging this pull request may close these issues.

why is insecure_ssl set to true ?
2 participants