In facebook.py, Rasa checks the X-Hub-Signature header field for the hashed Webhook payload using Facebook App Secret for validation. However, it seems that since around 2023(?), Facebook now uses the X-Hub-Signature-256 header field instead.
This user on Stack Overflow uses both headers for backward compability, which may be a good approach in Rasa.
Activity
fordcars March 1, 2024 at 6:58 AM
Seems like my Facebook iapp s sending both X-Hub-Signature and X-Hub-Signature-256 fields right now.
In
facebook.py, Rasa checks theX-Hub-Signatureheader field for the hashed Webhook payload using Facebook App Secret for validation. However, it seems that since around 2023(?), Facebook now uses the X-Hub-Signature-256 header field instead.This user on Stack Overflow uses both headers for backward compability, which may be a good approach in Rasa.