Add all static files under a file directory named
public within the plugin directory, and include the files in the plugin bundle using the Makefile.
Plugins can implement the
ServeHTTP to listen to http requests. This can e.g. be used to receive post action requests when Interactive Messages Buttons and Menus are triggered by users. Since these requests are just http requests, anyone can send them to the plugin. Hence the plugin must make sure the requests are authentic. The Mattermost Server sets the http header
Mattermost-User-Id if and only if the request is made by an authenticated client. The plugin therefore has to only check if this header is set and reject all other requests.