This is an automated email from the ASF dual-hosted git repository.
zhengqiwei pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/hertzbeat.git
The following commit(s) were added to refs/heads/master by this push:
new e23903fd0 [fix] Fixed issue where default path did not match whitelist
(#3740)
e23903fd0 is described below
commit e23903fd0c205effcd80b0300c8a162f574e0708
Author: Duansg <[email protected]>
AuthorDate: Wed Sep 3 21:52:44 2025 +0800
[fix] Fixed issue where default path did not match whitelist (#3740)
---
.../hertzbeat/alert/notice/impl/ServerChanAlertNotifyHandlerImpl.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git
a/hertzbeat-alerter/src/main/java/org/apache/hertzbeat/alert/notice/impl/ServerChanAlertNotifyHandlerImpl.java
b/hertzbeat-alerter/src/main/java/org/apache/hertzbeat/alert/notice/impl/ServerChanAlertNotifyHandlerImpl.java
index ef97737d0..1b1b7a5d7 100644
---
a/hertzbeat-alerter/src/main/java/org/apache/hertzbeat/alert/notice/impl/ServerChanAlertNotifyHandlerImpl.java
+++
b/hertzbeat-alerter/src/main/java/org/apache/hertzbeat/alert/notice/impl/ServerChanAlertNotifyHandlerImpl.java
@@ -60,7 +60,7 @@ public class ServerChanAlertNotifyHandlerImpl extends
AbstractAlertNotifyHandler
String webHookUrl =
String.format(alerterProperties.getServerChanWebhookUrl(), sanitizedToken);
// Validate the constructed URL against a whitelist
- List<String> allowedBaseUrls =
List.of("https://api.serverchan.com";, "https://serverchan.example.com";);
+ List<String> allowedBaseUrls =
List.of("https://api.serverchan.com";, "https://serverchan.example.com";,
"https://sctapi.ftqq.com";);
boolean isValidUrl =
allowedBaseUrls.stream().anyMatch(webHookUrl::startsWith);
if (!isValidUrl) {
throw new AlertNoticeException("Invalid webhook URL: " +
webHookUrl);
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
