diff --git a/package.json b/package.json index c613752289..5fc5ce4c61 100644 --- a/package.json +++ b/package.json @@ -182,7 +182,7 @@ }, "devDependencies": { "@lodder/grunt-postcss": "3.1.1", - "@tryghost/express-test": "0.4.1", + "@tryghost/express-test": "0.4.2", "@tryghost/jest-snapshot": "0.3.1", "c8": "7.11.0", "coffeescript": "2.6.1", diff --git a/test/e2e-frontend/members.test.js b/test/e2e-frontend/members.test.js index 25afc0c28d..83ced39485 100644 --- a/test/e2e-frontend/members.test.js +++ b/test/e2e-frontend/members.test.js @@ -66,6 +66,12 @@ describe('Front-end members behaviour', function () { .expect(400); }); + it('should fail processing a webhook endpoint with stripe header', async function () { + await request.post('/members/webhooks/stripe') + .set('Stripe-Signature', 'test-invalid-signature') + .expect(401); + }); + it('should return no content for invalid token passed in session', async function () { await request.get('/members/api/session') .expect(204); diff --git a/yarn.lock b/yarn.lock index 5e8eb0166c..c2e3453943 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1670,10 +1670,10 @@ resolved "https://registry.yarnpkg.com/@tryghost/express-dynamic-redirects/-/express-dynamic-redirects-0.2.4.tgz#ae11560e16ca9438778a8e9e8034e4c6e7507f6d" integrity sha512-i1/6SAgfdLRoJX6OCAh7mNm50TzKbWM6hf5W6yGUSAz1M99y+7VypnTkGoy+0XPefS3OgjBTEThYWnz4aimcbQ== -"@tryghost/express-test@0.4.1": - version "0.4.1" - resolved "https://registry.yarnpkg.com/@tryghost/express-test/-/express-test-0.4.1.tgz#b409da2ba3e5fdca28ed25006eec432e1334b9e6" - integrity sha512-Uv8oZ4TbbOWz5LJzfRXiTVnhnUMwlSzNwPOtaRssH7dL0QvwvrZ4AIZg0ejUssyGXcek5jzTVzGt6sKytf2pWg== +"@tryghost/express-test@0.4.2": + version "0.4.2" + resolved "https://registry.yarnpkg.com/@tryghost/express-test/-/express-test-0.4.2.tgz#ca29050423d353631d11c01aeaf38767d0277e76" + integrity sha512-/97blrkjie14U53KQJsbg0SSO/XwmLXjL6c2VN7HmV+Mr2C9NQuvonbwI6BoAifsHjIcAKDpUA7TJ1bURiHxQg== dependencies: "@tryghost/jest-snapshot" "^0.3.1" cookiejar "^2.1.3"