Jeff,

That should not be an issue, since GitHub provides the infrastructure to
filter bozo requests (requests are sha1 signed with a shared secret):
https://developer.github.com/webhooks/securing/

Cheers,

Gilles

On Tue, Oct 7, 2014 at 9:46 PM, Jeff Squyres (jsquyres) <jsquy...@cisco.com>
wrote:

> On Oct 7, 2014, at 6:57 AM, Gilles Gouaillardet <
> gilles.gouaillar...@iferc.org> wrote:
>
> > so far, using webhooks looks really simple :-)
>
> Good!
>
> > a public web server (apache+php) that can
> > a) process json requests
> > b) issue curl requests
> > is required strictly speaking.
>
> My only request would be to ensure that appropriate security is put in so
> that this bot won't be spoofed by any bozo who sends a github-looking json
> request to it.
>
> > i will keep working on a proof of concept
>
> Sounds good.
>
> Note that our current public PHP web pages already issue some curl
> requests behind the scenes.  E.g., the license page (
> http://www.open-mpi.org/community/license.php) does a curl request to get
> the actual license text from our github repo and output it verbatim.  See
> the PHP source code here:
> https://github.com/open-mpi/ompi-www/blob/master/community/license.php.
>
> --
> Jeff Squyres
> jsquy...@cisco.com
> For corporate legal information go to:
> http://www.cisco.com/web/about/doing_business/legal/cri/
>
> _______________________________________________
> devel mailing list
> de...@open-mpi.org
> Subscription: http://www.open-mpi.org/mailman/listinfo.cgi/devel
> Link to this post:
> http://www.open-mpi.org/community/lists/devel/2014/10/16018.php
>
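
The check Gilles refers to, as an added example (not code from this thread or from the Open MPI project): GitHub sends an `X-Hub-Signature: sha1=<hex>` header carrying the HMAC-SHA1 of the raw request body keyed with the webhook's shared secret, and the receiver recomputes it before trusting the JSON. The function names, the `WEBHOOK_SECRET` environment variable and the sample payload are assumptions; `hash_equals` needs PHP 5.6 or later.

```php
<?php
// Added example; the secret and payloads used in the demo are constructed.

/** True only if $header is "sha1=<hex>" with <hex> = HMAC-SHA1(raw body, secret). */
function github_signature_ok($rawBody, $header, $secret)
{
    if (!is_string($secret) || $secret === '') {
        return false;   // fail closed: an unset secret must never verify anything
    }
    if (!is_string($header) || strncmp($header, 'sha1=', 5) !== 0) {
        return false;   // header missing or not the expected scheme
    }
    $expected = 'sha1=' . hash_hmac('sha1', $rawBody, $secret);
    return hash_equals($expected, $header);   // constant-time comparison
}

/** HTTP status for one delivery; the JSON is decoded only after the check. */
function handle_delivery($rawBody, $header, $secret)
{
    if (!github_signature_ok($rawBody, $header, $secret)) {
        return 403;
    }
    return is_array(json_decode($rawBody, true)) ? 200 : 400;
}

if (PHP_SAPI === 'cli') {
    // Offline demo with constructed values.
    $secret = 'constructed-demo-secret';
    $body   = '{"action":"opened","number":1}';
    $good   = 'sha1=' . hash_hmac('sha1', $body, $secret);
    $cases  = array(
        'valid signature'         => array($body, $good, $secret),
        'body changed after sign' => array($body . ' ', $good, $secret),
        'no signature header'     => array($body, null, $secret),
        'secret not configured'   => array($body, $good, false),
    );
    foreach ($cases as $label => $c) {
        printf("%-24s -> %d\n", $label, handle_delivery($c[0], $c[1], $c[2]));
    }
} else {
    // Under Apache: verify the raw bytes as received, not a re-encoded copy.
    $secret = getenv('WEBHOOK_SECRET');   // assumption: secret comes from the environment
    $raw    = file_get_contents('php://input');
    $header = isset($_SERVER['HTTP_X_HUB_SIGNATURE']) ? $_SERVER['HTTP_X_HUB_SIGNATURE'] : null;
    http_response_code(handle_delivery($raw, $header, $secret));
}
```

Run from the command line, the script exercises the four constructed cases; served by Apache, the same file acts as the webhook endpoint.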
