Look into setting a maximum password length to prevent DOS attacks #6
Labels
Comments
|
I can grab this one if no one is working currently? |
|
go for it! |
|
I actually just noticed there is already a PR for this feature. I'm just going to merge that :-) |
|
@davidmurdoch Oh, I was so close to get a t-shirt. Thanks anyway :) |
|
Ah, didn't realize it was for a hacktoberfest. If you are familiar with HTTP basic auth, you could try your hand at trufflesuite/ganache#418 |
|
@davidmurdoch I don't have experience with HTTP basic auth, but I think i can give it a shot. Do you have any resource that I can check or any starter guide for ganache-core project? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
DOS attacks via long passwords will probably be making their rounds (again). http://www.tomsguide.com/us/django-long-password-security,news-17557.html
I'm thinking about setting a default max-length of maybe 4096 bytes. This max-password length would be configurable.
The text was updated successfully, but these errors were encountered: