@Nepomuk5665

Summary

Fixes an unhandled exception in webhook signature verification when the Stripe-Signature header contains a non-numeric timestamp value.

Problem

In Webhook.Signature.getTimestamp(), Long.parseLong() is called on the timestamp value extracted from the header without exception handling. If a malformed header is received with a non-numeric timestamp (e.g., t=not_a_number,v1=signature), a NumberFormatException is thrown and propagates up uncaught.

This violates the documented contract of verifyHeader() and constructEvent(), which state they throw SignatureVerificationException when verification fails.

Solution

Catch NumberFormatException in getTimestamp() and return -1, which causes verifyHeader() to throw the expected SignatureVerificationException with the message "Unable to extract timestamp and signatures from header".

Testing

Added a test case testMalformedTimestampValue() that verifies the fix by passing a header with a non-numeric timestamp and asserting that SignatureVerificationException is thrown (not NumberFormatException).

@Nepomuk5665 Nepomuk5665 requested a review from a team as a code owner January 24, 2026 14:00
@Nepomuk5665 Nepomuk5665 requested review from xavdid-stripe and removed request for a team January 24, 2026 14:00
When parsing the Stripe-Signature header, getTimestamp() calls Long.parseLong()
on the timestamp value without catching NumberFormatException. If a malformed
header contains a non-numeric timestamp value (e.g., 't=not_a_number'), the
exception propagates up uncaught, rather than being wrapped in a
SignatureVerificationException as documented.

This commit catches NumberFormatException and returns -1, which causes
verifyHeader() to throw the expected SignatureVerificationException with
the message 'Unable to extract timestamp and signatures from header'.

Also adds a test case for malformed timestamp values.
@Nepomuk5665 Nepomuk5665 force-pushed the fix-webhook-timestamp-parsing-exception branch from bdcd847 to 5ebb98d Compare January 24, 2026 14:33
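
The parsing behaviour described in this pull request, as an added stand-alone sketch that is not stripe-java's source: the class `SignatureHeaderDemo`, the exception `VerificationException` and the method `requireTimestamp()` are hypothetical stand-ins, the `timestamp <= 0` rejection check is an assumption, and the sample headers are constructed.

```java
// Added illustration; names are hypothetical and this is not the library's own code.
public class SignatureHeaderDemo {
  /** Checked exception standing in for the library's SignatureVerificationException. */
  static class VerificationException extends Exception {
    VerificationException(String message) { super(message); }
  }

  /** Returns the t= value as a long, or -1 if it is missing or cannot be parsed. */
  static long getTimestamp(String header) {
    for (String item : header.split(",")) {
      String[] kv = item.split("=", 2);
      if (kv.length == 2 && kv[0].trim().equals("t")) {
        try {
          return Long.parseLong(kv[1].trim());
        } catch (NumberFormatException e) {
          // Non-numeric and out-of-range values both land here; report them
          // the same way as a missing timestamp instead of letting an
          // unchecked exception escape to the webhook handler.
          return -1;
        }
      }
    }
    return -1;
  }

  /** Rejects unusable headers with the checked exception callers already handle. */
  static long requireTimestamp(String header) throws VerificationException {
    long timestamp = getTimestamp(header);
    if (timestamp <= 0) { // assumed rejection condition for this sketch
      throw new VerificationException("Unable to extract timestamp and signatures from header");
    }
    return timestamp;
  }

  public static void main(String[] args) {
    // Constructed sample headers: valid, non-numeric, overflowing long, missing t=, empty.
    String[] headers = {
      "t=1769263200,v1=abc123", "t=not_a_number,v1=signature",
      "t=99999999999999999999,v1=abc123", "v1=abc123", ""
    };
    for (String header : headers) {
      try {
        System.out.println("accepted, t=" + requireTimestamp(header));
      } catch (VerificationException e) {
        System.out.println("rejected: " + e.getMessage());
      }
    }
  }
}
```

Only the first header is accepted; the other four are rejected through the checked exception, so a handler that catches only the verification exception sees every malformed header.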