clawbot e2ac30287b fix: restrict webhook endpoint to POST only (closes #20) ...

Add method check at the top of HandleWebhook, returning 405 Method Not
Allowed with an Allow: POST header for any non-POST request. This
prevents GET, PUT, DELETE, etc. from being accepted at entrypoint URLs.

2026-03-01 16:35:38 -08:00

3.8 KiB

Raw Blame History

View Raw