Fixed timing attack in cookie validation.
- Changed from using string == to hmac.Equal - See more details here: http://verboselogging.com/2012/08/20/a-timing-attack-in-action
parent
2f165345
Please register or sign in to comment
- Changed from using string == to hmac.Equal - See more details here: http://verboselogging.com/2012/08/20/a-timing-attack-in-action