[PR #719] [MERGED] feat: enhance webhook security with configurable allow list #718

New issue

Closed

opened 2026-02-26 21:32:38 +03:00 by kerem · 0 comments

kerem commented

2026-02-26 21:32:38 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/dreamhunter2333/cloudflare_temp_email/pull/719
Author: @dreamhunter2333
Created: 9/4/2025
Status: ✅ Merged
Merged: 9/5/2025
Merged by: @dreamhunter2333

Base: main ← Head: feature/email

📝 Commits (1)

776485c feat: enhance webhook security with configurable allow list

📊 Changes

12 files changed (+142 additions, -51 deletions)

View changed files

📝 CHANGELOG.md (+1 -0)
📝 frontend/src/views/admin/AccountSettings.vue (+38 -6)
📝 frontend/src/views/admin/CreateAccount.vue (+1 -1)
📝 frontend/src/views/admin/Telegram.vue (+44 -23)
📝 frontend/src/views/admin/UserOauth2Settings.vue (+10 -2)
📝 frontend/src/views/admin/UserSettings.vue (+15 -5)
📝 frontend/src/views/admin/Webhook.vue (+25 -8)
📝 frontend/src/views/admin/WorkerConfig.vue (+1 -1)
📝 worker/src/admin_api/webhook_settings.ts (+1 -1)
📝 worker/src/common.ts (+1 -1)
📝 worker/src/mails_api/webhook_settings.ts (+2 -2)
📝 worker/src/models/index.ts (+3 -1)

📄 Description

User description

Add enableAllowList flag to webhook settings for flexible access control
Update frontend UI with toggle switch and improved user experience
Maintain backward compatibility with default allow-all behavior
Add input validation hints and better form controls across admin panels

🤖 Generated with Claude Code

PR Type

Enhancement, Bug fix

Description

Introduced a configurable enableAllowList flag for webhooks to restrict access.
Enhanced UI components with manualInputPrompt and replaced checkboxes with switches.
Improved Telegram and email settings with better input validation and user guidance.
Updated backend logic to support enableAllowList for webhook access control.

Changes walkthrough 📝

Relevant files

Enhancement

8 files

AccountSettings.vue Added `manualInputPrompt` and improved select components.	+38/-6
CreateAccount.vue Replaced checkbox with switch for `enablePrefix`.	+1/-1
Telegram.vue `Enhanced Telegram settings with input prompts and guidance.`	+44/-23
UserOauth2Settings.vue Added `manualInputPrompt` and improved mail allow list handling.	+10/-2
UserSettings.vue `Enhanced user settings with switches and input prompts.`	+15/-5
Webhook.vue Added `enableAllowList` toggle and improved webhook settings UI.	+25/-8
webhook_settings.ts Updated webhook settings to include `enableAllowList`.	+1/-1
index.ts Updated `AdminWebhookSettings` model to include `enableAllowList`.	+3/-1

Formatting

1 files

WorkerConfig.vue
Adjusted card width for better display. +1/-1

Bug fix

2 files

common.ts Modified webhook logic to respect `enableAllowList`.	+1/-1
webhook_settings.ts Added `enableAllowList` checks for mail webhook settings.	+2/-2

Documentation

1 files

CHANGELOG.md
Documented `enableAllowList` feature for webhooks. +1/-0

Need help?
Type /help how to ... in the comments thread for any questions about PR-Agent usage.
Check out the documentation for more information.

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/dreamhunter2333/cloudflare_temp_email/pull/719 **Author:** [@dreamhunter2333](https://github.com/dreamhunter2333) **Created:** 9/4/2025 **Status:** ✅ Merged **Merged:** 9/5/2025 **Merged by:** [@dreamhunter2333](https://github.com/dreamhunter2333) **Base:** `main` ← **Head:** `feature/email` --- ### 📝 Commits (1) - [`776485c`](https://github.com/dreamhunter2333/cloudflare_temp_email/commit/776485c17ad99b127ff60a71c966f458b0781f5f) feat: enhance webhook security with configurable allow list ### 📊 Changes **12 files changed** (+142 additions, -51 deletions) <details> <summary>View changed files</summary> 📝 `CHANGELOG.md` (+1 -0) 📝 `frontend/src/views/admin/AccountSettings.vue` (+38 -6) 📝 `frontend/src/views/admin/CreateAccount.vue` (+1 -1) 📝 `frontend/src/views/admin/Telegram.vue` (+44 -23) 📝 `frontend/src/views/admin/UserOauth2Settings.vue` (+10 -2) 📝 `frontend/src/views/admin/UserSettings.vue` (+15 -5) 📝 `frontend/src/views/admin/Webhook.vue` (+25 -8) 📝 `frontend/src/views/admin/WorkerConfig.vue` (+1 -1) 📝 `worker/src/admin_api/webhook_settings.ts` (+1 -1) 📝 `worker/src/common.ts` (+1 -1) 📝 `worker/src/mails_api/webhook_settings.ts` (+2 -2) 📝 `worker/src/models/index.ts` (+3 -1) </details> ### 📄 Description ### **User description** - Add enableAllowList flag to webhook settings for flexible access control - Update frontend UI with toggle switch and improved user experience - Maintain backward compatibility with default allow-all behavior - Add input validation hints and better form controls across admin panels 🤖 Generated with [Claude Code](https://claude.ai/code) ___ ### **PR Type** Enhancement, Bug fix ___ ### **Description** - Introduced a configurable `enableAllowList` flag for webhooks to restrict access. - Enhanced UI components with `manualInputPrompt` and replaced checkboxes with switches. - Improved Telegram and email settings with better input validation and user guidance. - Updated backend logic to support `enableAllowList` for webhook access control. ___ ### **Changes walkthrough** 📝 <table><thead><tr><th></th><th align="left">Relevant files</th></tr></thead><tbody><tr><td><strong>Enhancement</strong></td><td><details><summary>8 files</summary><table> <tr> <td><strong>AccountSettings.vue</strong><dd><code>Added `manualInputPrompt` and improved select components.</code></dd></td> <td><a href="https://github.com/dreamhunter2333/cloudflare_temp_email/pull/719/files#diff-d5db89bc5b7ac5d009a78d299aa22f0f0414bbbb5006e88b30f35af8510b6b33">+38/-6</a>    </td> </tr> <tr> <td><strong>CreateAccount.vue</strong><dd><code>Replaced checkbox with switch for `enablePrefix`.</code>                </dd></td> <td><a href="https://github.com/dreamhunter2333/cloudflare_temp_email/pull/719/files#diff-d490c506b210861e0f75dc1570da5b34c54fe31c88d034c71bd7d15eef67740a">+1/-1</a>      </td> </tr> <tr> <td><strong>Telegram.vue</strong><dd><code>Enhanced Telegram settings with input prompts and guidance.</code></dd></td> <td><a href="https://github.com/dreamhunter2333/cloudflare_temp_email/pull/719/files#diff-73d3f4670901087acf2a32cbd4f8676e0173d7fc4e2104e60635a89c319476bc">+44/-23</a>  </td> </tr> <tr> <td><strong>UserOauth2Settings.vue</strong><dd><code>Added `manualInputPrompt` and improved mail allow list handling.</code></dd></td> <td><a href="https://github.com/dreamhunter2333/cloudflare_temp_email/pull/719/files#diff-5ded2f107f7fd8a04eb55462a9cb55b85bee3afc56fc45f8ba6a4bcf90755ebb">+10/-2</a>    </td> </tr> <tr> <td><strong>UserSettings.vue</strong><dd><code>Enhanced user settings with switches and input prompts.</code>    </dd></td> <td><a href="https://github.com/dreamhunter2333/cloudflare_temp_email/pull/719/files#diff-a98f69fcb5511514645cc9fa9da3b2df48f6f7642526e8bd05e0912414bbded0">+15/-5</a>    </td> </tr> <tr> <td><strong>Webhook.vue</strong><dd><code>Added `enableAllowList` toggle and improved webhook settings UI.</code></dd></td> <td><a href="https://github.com/dreamhunter2333/cloudflare_temp_email/pull/719/files#diff-73c78d0a7baed0bfc95c8031d71ab17506f7476cb44f3e00af1cfbea1f2e730b">+25/-8</a>    </td> </tr> <tr> <td><strong>webhook_settings.ts</strong><dd><code>Updated webhook settings to include `enableAllowList`.</code>      </dd></td> <td><a href="https://github.com/dreamhunter2333/cloudflare_temp_email/pull/719/files#diff-5c87ced5312931a318ab3dc78a916e54ed76a12fc9440b25a1babc5ec3a2b1c8">+1/-1</a>      </td> </tr> <tr> <td><strong>index.ts</strong><dd><code>Updated `AdminWebhookSettings` model to include `enableAllowList`.</code></dd></td> <td><a href="https://github.com/dreamhunter2333/cloudflare_temp_email/pull/719/files#diff-430bcc4ffa98738e7419c774a53ba2ce8b5127a36b3741e89bf36b95a56f02bc">+3/-1</a>      </td> </tr> </table></details></td></tr><tr><td><strong>Formatting</strong></td><td><details><summary>1 files</summary><table> <tr> <td><strong>WorkerConfig.vue</strong><dd><code>Adjusted card width for better display.</code>                                    </dd></td> <td><a href="https://github.com/dreamhunter2333/cloudflare_temp_email/pull/719/files#diff-0a7535ad031e2c50763c979ca587db2ba76d02feb93f6ad607fb2d55fa8b38c4">+1/-1</a>      </td> </tr> </table></details></td></tr><tr><td><strong>Bug fix</strong></td><td><details><summary>2 files</summary><table> <tr> <td><strong>common.ts</strong><dd><code>Modified webhook logic to respect `enableAllowList`.</code>          </dd></td> <td><a href="https://github.com/dreamhunter2333/cloudflare_temp_email/pull/719/files#diff-fcc08fd5aa3c190d0d45c7e3dd208e5ee831d360b272fdd5869607cf472c5eb1">+1/-1</a>      </td> </tr> <tr> <td><strong>webhook_settings.ts</strong><dd><code>Added `enableAllowList` checks for mail webhook settings.</code></dd></td> <td><a href="https://github.com/dreamhunter2333/cloudflare_temp_email/pull/719/files#diff-0c4fdb3ef2a70f77455a6458c649932abb800e668143eb85d12c95ef911bfb37">+2/-2</a>      </td> </tr> </table></details></td></tr><tr><td><strong>Documentation</strong></td><td><details><summary>1 files</summary><table> <tr> <td><strong>CHANGELOG.md</strong><dd><code>Documented `enableAllowList` feature for webhooks.</code>              </dd></td> <td><a href="https://github.com/dreamhunter2333/cloudflare_temp_email/pull/719/files#diff-06572a96a58dc510037d5efa622f9bec8519bc1beab13c9f251e97e657a9d4ed">+1/-0</a>      </td> </tr> </table></details></td></tr></tr></tbody></table> ___ > <details> <summary> Need help?</summary><li>Type <code>/help how to ...</code> in the comments thread for any questions about PR-Agent usage.</li><li>Check out the <a href="https://qodo-merge-docs.qodo.ai/usage-guide/">documentation</a> for more information.</li></details> --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>