Code Room
Code reviewMediumcr-p115
Subject SecurityLevel Senior~18 minCommon in Security interviewsIndustries Software development

Question

Review this webhook signature verification.

What a strong answer looks like

Separate real bugs from style. Rank issues by severity, point at the root cause rather than the symptom, and suggest a concrete fix — specific and kind.

Talk through your review
Code to reviewpython
expected = hmac.new(secret, body, 'sha256').hexdigest()if signature == expected:    process(body)
Run or narrate your approach, then ask the coach.