Webhooks crash proxies like localtunnel or ngrok

[Grzesiek Kołodziejczyk]

Hi,

I'm building an app integrating Roomorama with BookingSync. I wanted to experiment with webhooks, but it seems that the test request that is performed when setting up crashes web proxies.

I tried localtunnel.me and ngrok.com, and both of them failed.

Here's the error from ngrok:

panic: json: invalid UTF-8 in string: "z\xc4\x05\xe2[\xb2\xd9\xe43C\xad:k\x16\xc1~\xc8H\"\xa4"

The problem is easy to reproduce, you can run ngrok without signing up.

I think the problematic part is in the signature. The HTTP spec allows only ISO-8859-1 characters in the headers.

[Grzesiek Kołodziejczyk]

A quick solution would be to change the way the signature is calculated. In your examples you use `OpenSSL::HMAC.digest(digest, secret, encoded_string)`, while OpenSSL::HMAC.hexdigest would encode the result into a string that is valid for headers.

[Donald Piret]

Hi Grzesiek,

You’re absolutely right, we should have base64 encoded the digest.

We’ve just made the change from digest to hexdigest and should have deployed this by the time you read this email.

Donald Piret

CTO

Roomorama
Skype:  donaldpiret | Email:  don...@roomorama.com
https://roomorama.com

Facebook | Twitter | YouTube

--
You received this message because you are subscribed to the Google Groups "Roomorama API" group.
To unsubscribe from this group and stop receiving emails from it, send an email to roomorama-ap...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Sebastien Grosjean]

Hi Donald,

Thanks for the lightning fast fix :)

ᐧ

[Donald Piret]

Hi Sebastien,

No worries, the deployment is actually ongoing at the moment, so should be up in a few minutes.

Continuing to work on the other API bugs early this week.

Donald Piret

CTO

Roomorama
Skype:  donaldpiret | Email:  don...@roomorama.com
https://roomorama.com

Facebook | Twitter | YouTube

[Sebastien Grosjean]

Wonderful, thanks for that.

ᐧ