Bird
0
0

What is wrong with this JavaScript webhook signature verification code?

medium📝 Debug Q7 of 15
Rest API - Webhooks and Events
What is wrong with this JavaScript webhook signature verification code? ```javascript const crypto = require('crypto'); const secret = 'key'; const payload = 'message'; const signature = 'abc'; const hmac = crypto.createHmac('sha256', secret); hmac.update(payload); const digest = hmac.digest('hex'); if (digest === signature) { console.log('Valid'); } else { console.log('Invalid'); } ```
AUsing require instead of import
BSignature comparison missing prefix
CDigest method called twice
DPayload should be a Buffer
Step-by-Step Solution
Solution:

  1. Step 1: Check signature format

    Many webhook signatures include a prefix like 'sha256=' which is missing here.

  2. Step 2: Compare digest with signature

    Without the prefix, the digest string won't match the signature string if prefix is expected.

  3. Final Answer:

    Signature comparison missing prefix -> Option B

  4. Quick Check:

    Include prefix like 'sha256=' in signature comparison [OK]
Quick Trick: Match full signature string including prefix like 'sha256=' [OK]
Common Mistakes:
MISTAKES
  • Ignoring signature prefix in comparison
  • Using require in ES module context (not always error)
  • Calling digest multiple times (not shown here)

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More Rest API Quizzes
API Documentation - Example requests and responses - Quiz 11easy API Testing and Monitoring - API analytics and usage metrics - Quiz 1easy API Testing and Monitoring - Why testing validates contracts - Quiz 2easy Advanced Patterns - Long-running operations (async responses) - Quiz 12easy Advanced Patterns - Long-running operations (async responses) - Quiz 14medium Batch and Bulk Operations - Async batch processing - Quiz 1easy Batch and Bulk Operations - Batch update patterns - Quiz 10hard Caching Strategies - Last-Modified and If-Modified-Since - Quiz 4medium Caching Strategies - If-None-Match and 304 responses - Quiz 15hard Caching Strategies - Validation-based caching - Quiz 1easy