Insecure Inbound Parse

### Issue Summary
Inbound Parse API does not provide any security controls against a malicious sender.

### Steps to Reproduce
https://github.com/sendgrid/sendgrid-java/blob/main/USAGE.md#create-a-parse-setting

### Technical Details
A backward-compatibe and quick solution might be a Message Authentication Code sent via X-MAC header i.e a salted by the API key hash of the payload.

### References
- [Support request #8295262](https://support.sendgrid.com/hc/en-us/requests/8295262)
- [OWASP A01:2021 – Broken Access Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control/)
- [Secure Design Principles](https://github.com/OWASP/DevGuide/blob/master/02-Design/01-Principles%20of%20Security%20Engineering.md)



Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Insecure Inbound Parse #730

Issue Summary

Steps to Reproduce

Technical Details

References

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Insecure Inbound Parse #730

Description

Issue Summary

Steps to Reproduce

Technical Details

References

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions