From cb82ff93b08ca415977946ebad424d6656dc3aab Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lorens=20Le=C3=B3n?= Date: Mon, 20 Jan 2025 11:15:54 +0100 Subject: [PATCH] chore: appply PR suggestions --- src/webhooks/webhooks.ts | 63 ++++++++++++++++++++++++---------------- 1 file changed, 38 insertions(+), 25 deletions(-) diff --git a/src/webhooks/webhooks.ts b/src/webhooks/webhooks.ts index 2e93564e3..82d11edab 100644 --- a/src/webhooks/webhooks.ts +++ b/src/webhooks/webhooks.ts @@ -200,31 +200,44 @@ export function validateRequest( * and with and without the legacy querystring (special chars are encoded when using `new URL()`) * since signature generation on the back end is inconsistent */ - return ( - validateSignatureWithUrl( - authToken, - twilioHeader, - removePort(urlObject), - params - ) || - validateSignatureWithUrl( - authToken, - twilioHeader, - addPort(urlObject), - params - ) || - validateSignatureWithUrl( - authToken, - twilioHeader, - withLegacyQuerystring(removePort(urlObject)), - params - ) || - validateSignatureWithUrl( - authToken, - twilioHeader, - withLegacyQuerystring(addPort(urlObject)), - params - ) + const signatureWithoutPort = validateSignatureWithUrl( + authToken, + twilioHeader, + removePort(urlObject), + params + ); + + if (signatureWithoutPort) { + return true; + } + + const signatureWithPort = validateSignatureWithUrl( + authToken, + twilioHeader, + addPort(urlObject), + params + ); + + if (signatureWithPort) { + return true; + } + + const signatureWithLegacyQuerystring = validateSignatureWithUrl( + authToken, + twilioHeader, + withLegacyQuerystring(removePort(urlObject)), + params + ); + + if (signatureWithLegacyQuerystring) { + return true; + } + + return validateSignatureWithUrl( + authToken, + twilioHeader, + withLegacyQuerystring(addPort(urlObject)), + params ); }