Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Unsafe token check #13

Closed
gleb-chipiga opened this issue Apr 24, 2022 · 2 comments
Closed

Unsafe token check #13

gleb-chipiga opened this issue Apr 24, 2022 · 2 comments
Assignees
Labels
bug Something isn't working enhancement New feature or request

Comments

@gleb-chipiga
Copy link

Currently, a simple string comparison in the check method is used to validate the token. To resist timing-attack, we need to use constant time comparison algorithm. Details https://en.wikipedia.org/wiki/Timing_attack.

@constantoine constantoine added bug Something isn't working enhancement New feature or request labels Apr 24, 2022
@constantoine constantoine self-assigned this Apr 24, 2022
@constantoine
Copy link
Owner

Fixed

@gleb-chipiga
Copy link
Author

Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working enhancement New feature or request
Projects
None yet
Development

No branches or pull requests

2 participants