內容簡介
這個外掛可以在每個事件的 X-Gform-Signature 標頭中包含簽名,以將由 Gravity Forms WebHooks 外掛發送的 Webhook 事件發送到您的端點,這樣您就可以驗證事件是否由 Gravity Forms 外掛而不是第三方發送。目前,您必須手動使用自己的解決方案來驗證簽名。然而,下面的連結提供了一個 Node.js(JavaScript)實現的範例。
在驗證簽名之前,您需要檢索您端點的公鑰(更多信息請見這個問題)。
該外掛對於每個表單和端點都使用相同的密鑰,這意味著每個生成的簽名都使用相同的密鑰。
驗證實現
Node.js:請參見 Github 上的範例。
外掛標籤
開發者團隊
② 後台搜尋「Webhook Signature add-on for Gravity Forms」→ 直接安裝(推薦)
原文外掛簡介
This plugin can sign the webhook events sent by the Gravity Forms WebHooks Add-On to your endpoints by including a signature in each event’s X-Gform-Signature header. This allows you to verify that the events were sent by the Gravity Forms add-on, not by a third party. As of right now, you must verify the signatures by manually using your own solution. However, an example of a Node.js (JavaScript) implementation is linked below.
Before you can verify signatures, you need to retrieve your endpoint’s public key (more information at this question).
This plugin uses the same keys for every form and endpoint, meaning that the same keys will be used for every signature generated.
Verification implementations
Node.js: See the example on Github.
