Add better security, errors, and setup for incoming Bitbucket web hooks.
Review Request #6315 — Created Sept. 12, 2014 and submitted — Latest diff uploaded
This change improves many aspects of the incoming Bitbucket web hook
support, to improve security, error responses, and to ease setup of
hooks.The Bitbucket URL now requires a valid hooks_uuid value, making the URL
practically unguessable. When accessing the URL for the repository, the
value provided in the URL will be matched against that of the repository
that was also referenced in the URL, returning 404 if they don't match.The error responses have improved when the payload is incorrect. Instead
of just returning an empty HTTP 400, we now return an error string, in
order to help identify what went wrong.Like GitHub, there's now instructions when setting up a Bitbucket hook.
Bitbucket has a helpful URL for adding a new hook with the hook detailed
pre-filled, which we use in the instructions to make it even easier to
get going.
Unit tests pass.
Tested adding a webhook through the instructions, and verified the resulting
URL.