mirror of
https://github.com/dograh-hq/dograh.git
synced 2026-06-13 08:15:21 +02:00
ace4903c0e
The /cloudonix/cdr webhook is a public, unauthenticated endpoint that parses
arbitrary external JSON. It dereferenced cdr_data.get("session").get("token")
unconditionally, so a partial or malformed CDR payload that omits "session"
(or sends "session": null) raised AttributeError -> HTTP 500. The existing
"Missing call_id field" guard right below it was unreachable because the crash
happened first.
StatusCallbackRequest.from_cloudonix_cdr had the same fragility plus a second
one: data.get("disposition", "") returns None when the key is present-but-null,
and None.upper() then crashed.
Navigate both fields defensively so missing/null values fall through to the
intended graceful error path instead of crashing. Adds regression tests
covering missing session, null session, null disposition, and the well-formed
mapping path.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
|
||
|---|---|---|
| .. | ||
| auth | ||
| campaign | ||
| configuration | ||
| filesystem | ||
| gen_ai | ||
| gender | ||
| integrations | ||
| pipecat | ||
| pricing | ||
| reports | ||
| telephony | ||
| voice_prompting_guide | ||
| worker_sync | ||
| workflow | ||
| mps_service_key_client.py | ||
| posthog_client.py | ||
| quota_service.py | ||
| storage.py | ||
| tool_management.py | ||