knee-cola/evidencija-rezija
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: delegate security to CloudFlare and clean up mailgun-webhook

Browse Source 
Remove application-level CORS and IP whitelisting as security is now handled at CloudFlare edge. CORS is not applicable for backend webhook service, and IP whitelisting is more effectively managed at infrastructure layer. Also translate Dockerfile comments to English and add registry URL to build script.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
This commit is contained in:
Nikola Derežić
2026-01-07 12:47:07 +01:00
parent d081386b9f
commit 45d5507bf9
4 changed files with 13 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
mailgun-webhook/docs/MAILGUN_WEBHOOK_API_SPEC.md
View File

@@ -133,7 +133,7 @@ For **unsubscribed** events:
### Future Enhancements
For production deployment, consider:
- **Signature Verification**: Verify webhook authenticity using `timestamp`, `token`, and `signature`
- **IP Whitelisting**: Restrict to MailGun's IP ranges
- **IP Whitelisting**: Restrict to MailGun's IP ranges (implemented via CloudFlare)
- **Rate Limiting**: Prevent abuse
## Database Integration