django-cloud-tasks
Verify that the request comes from GCP
The underlying GCP Pilot library requests that Google Cloud Tasks signs the request with an OIDC token, but there is no logic to check that in the view.
This is a security vulnerability since the tasks can be run by anyone now.
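One shape the missing check could take in a task view, as an added example that is not code from django-cloud-tasks or GCP Pilot. The function names, the audience URL and the service account address are assumptions, and it assumes the token carries the `email` and `email_verified` claims of the service account configured on the task.

```python
# Added example: names, audience and service account below are assumptions.
GOOGLE_ISSUERS = {"https://accounts.google.com", "accounts.google.com"}

class TaskAuthError(Exception):
    """The request did not prove it was sent by the expected GCP identity."""

def google_verify(token, audience):
    """Check signature, expiry and audience against Google's public certs."""
    # Imported lazily so the module loads where google-auth is not installed.
    from google.auth.transport import requests as ga_requests
    from google.oauth2 import id_token
    return id_token.verify_oauth2_token(token, ga_requests.Request(), audience=audience)

def authorize_task_request(headers, audience, service_account, verify=google_verify):
    """Return the verified claims, or raise TaskAuthError (fail closed)."""
    scheme, _, token = headers.get("Authorization", "").partition(" ")
    if scheme.lower() != "bearer" or not token.strip():
        raise TaskAuthError("missing bearer token")
    try:
        claims = verify(token.strip(), audience)
    except Exception as exc:  # bad signature, expired, wrong audience, cert fetch error
        raise TaskAuthError("token rejected") from exc
    if claims.get("iss") not in GOOGLE_ISSUERS:
        raise TaskAuthError("unexpected issuer")
    if claims.get("aud") != audience:
        raise TaskAuthError("audience mismatch")
    # Pin the caller: a Google-signed token alone only proves *some* Google identity.
    if claims.get("email") != service_account or claims.get("email_verified") is not True:
        raise TaskAuthError("unexpected caller identity")
    return claims

# Constructed sample values for a local run; no network is used here.
AUDIENCE = "https://tasks.example.com/tasks/SampleTask"
INVOKER = "tasks-invoker@example-project.iam.gserviceaccount.com"

def fake_verify(token, audience):
    """Stand-in for google_verify that trusts one constructed token."""
    if token != "constructed-valid-token":
        raise ValueError("bad signature")
    return {"iss": "https://accounts.google.com", "aud": audience,
            "email": INVOKER, "email_verified": True}

if __name__ == "__main__":
    ok = authorize_task_request({"Authorization": "Bearer constructed-valid-token"},
                                AUDIENCE, INVOKER, verify=fake_verify)
    print("accepted:", ok["email"])
```

In a Django view, `request.headers` can be passed as `headers`, and a `TaskAuthError` would map to a 401 or 403 response before any task code runs.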
Code Climate has analyzed commit aa9db5fb and detected 0 issues on this pull request.